Security researchers have found proof-of-concept code for an adware program that targets Apple's OS X operating system.
According to security firm F-Secure, the application does not target a security flaw or bug in the operating systems code. Instead, the adware installs itself through a feature in OS X that allows system libraries to be installed without notifying the user.
While installers require user permission to run in Mac OS X, system library files can be copied onto a machine without ever prompting the user for permission, according to David Frazer, F-Secure's director of technology services.
"It can be seamlessly installed," Frazer told vnunet.com. "When you install the library it doesn't require administrator rights."
The proof of concept that F-Secure tested would automatically launch a browser window every time the user opened an application. It could potentially be used to expose users to unwanted advertisements.
F-Secure has not released details about how the exploit works or what components it targets in the hope that Apple will fix the issue before any malware reaches the public.
"The idea behind this is that there is a vulnerability that right now isn't exploited as such, but it has the potential," said Frazer.
The company hopes that Apple will issue an update for Mac OS X that will force the system to get user permission before it installs system libraries on the machine.
F-Secure's posting comes in a month that has seen the release of several other pieces of proof-of-concept code targeting Mac OS, challenging the common notion that Apple's operating system is less vulnerable to malware attacks.
"For a long time now Mac users have had the feeling that malware is only going to the PC market. This could potentially open the risk for scams that Mac users never see," said Frazer.
Apple did not return requests for comment.
Adware penetrates OS X
By Shaun Nichols on Nov 29, 2006 9:19AM