'

Mac OS X adware sample is not a threat

A new adware program that silently installs on Mac OS X systems and opens Web browser windows is unlikely to create a security problem.The program, dubbed iAdware by Finnish security company F-Secure, is possibly the first example of adware for Macs.

A new adware program that silently installs on Mac OS X systems and opens Web browser windows is unlikely to create a security problem.

The program, dubbed iAdware by Finnish security company F-Secure, is possibly the first example of adware for Macs. It is especially interesting since it doesn't require administrative privileges to nestle itself on computers, according to F-Secure.

Paul Ducklin, head of technology for Sophos APAC, told ,ZDNet Australia that generally, adware may be a nuisance but it does have legitimate uses.

"Technically, adware or ad-supported software has been available for OS X, Linux and Windows in non-dodgy forms for some time," said Ducklin, who explained that early versions of the popular browser Opera could be defined as adware.

"You could pay for [early versions of Opera] or if you want the free version then you will see some adverts. There is nothing fundamentally wrong with ad-supported software," said Ducklin.

But F-Secure is concerned because the program is able to install on a Mac even if the logged-in user does not have admin privileges.

"We won't disclose the exact technique used here, it's a feature not a bug, but let's just say that installing a System Library shouldn't be allowed without prompting the user," according to the F-Secure blog.

"In theory, this program could be silently installed to your user account and hooked to each application you use," according to the F-Secure blog. "This particular sample successfully launched the Mac's Web browser when we used any of a number of applications."

Despite this, Sophos's Ducklin pointed out that there is a clear distinction between adware and spyware.

"Spyware is something that is stealing information and leaking that to a third party.

"Potentially unwanted applications may be legitimate but can pose a security or management risk -- such as peer to peer applications. They make it too easy for someone accidentally to share the wrong files," said Ducklin.

Malicious software that targets Mac OS X systems is rare and has been limited largely to proof-of-concept code, instead of actual attacks. However, there are indications that hackers are increasingly targeting the Mac, which experts have said is not impervious to attacks.