Sneaky adware caught accessing users’ Mac Keychain without permission


Last month, Ars chronicled a Mac app that brazenly exploited a then unpatched OS X vulnerability so the app could install itself without requiring people to enter system passwords. Now, researchers have found the same highly questionable installer is accessing people’s Mac keychain without permission. The adware taking these liberties is distributed by Israel-based Genieo Innovation, a company that’s long been known to push adware and other unwanted apps . According to researchers at Malwarebytes, the Genieo installer automatically accesses a list of Safari extensions  that, for reasons that aren’t entirely clear, is stashed inside the Mac Keychain  alongside passwords for iCloud, Gmail, and other important accounts. Genieo acquires this access by very briefly displaying a message asking for permission to open the Safari extensions and then automatically clicking the accompanying OK button before a user has time to respond or possibly even notice what’s taking place. With that, Genieo installs an extension known as Leperdvil. The following three-second video captures the entire thing: Read 5 remaining paragraphs | Comments

Continue Reading:
Sneaky adware caught accessing users’ Mac Keychain without permission


Please enter your comment!
Please enter your name here


This site uses Akismet to reduce spam. Learn how your comment data is processed.