Hackers Write ‘Proof-Of-Concept’ Adware for Mac OS X

Savvy Windows users have learnt to defeat adware and other nasty codes that download from the Internet and intrude on user activity, pinch data, or clog things up.; those who have not, generally become victims. Until now, Mac users have been quite complacent in the belief that adware has been virtually absent from OS X.

Anti-virus firm F-Secure reports that miscreants have written a 'proof of concept' code of adware that targets Apple Mac OS X users. The 'iAdware' code can silently install onto Macs, running itself each time the system loads an application. The malware exploits unspecified security vulnerabilities in the OS to install itself as a 'System Library' without signaling users about it.
'F-Secure' writes on its 'blog' on November 23, 2006 that the firm had received a 'proof of concept' sample of an adware. Theoretically, the program could install on a User account and hook onto each application and for which, it does not require 'Administrator rights'.

The company declined to unfold the exact technique used in the process because it is a feature, not a bug. But it said that the process that installs a 'System Library' shouldn't be permitted without alerting the user. This is more so as it only requires 'Copy' permissions. Since an Admin could install this to any user across the world, this particular code was successful to launch the Mac's Web browser whenever and whatever number of applications were used. This is easier to perform with Macs than with Windows.

The malware though has a minimal threat value is notable for its uniqueness. Internet surfers come across numerous adware programs floating around that can infect Windows users with pop-up programs that damage system performance. But 'iAdware' is the first single application aiming Macs that researchers have encountered.

Vulnerability researchers have been closely investigating flaws in Mac OS. As part of the 'Month of Kernel Bugs' (MoKB) project in November 2006, researchers revealed two serious flaws in Apple's operating system. Both researchers and attackers have also been concentrating on converting vulnerabilities into explicit code, as per a recent report of Symantec, the company that owns 'Security Focus'.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 11/29/2006