Home / malware Trojan:MacOS_X/OpinionSpy.A
First posted on 21 June 2010.
Source: SecurityHomeAliases :
Trojan:MacOS_X/OpinionSpy.A is also known as MacOSX/OpinionS (Authentium (Command)), Trojan.OSX.Spynion.a (Kaspersky), OSX.DL.OpinionSpy.A (VirusBuster), MAC.OSX.Spyware.OpinionSpy.A (BitDefender), OSX/OpinionSpy.A (CA), Trojan.OSX.Spynion (Ikarus), OSX/OpinionSpy (McAfee), OSX/OpinionSpy (Panda), OSX_OPINIONSPY.A (Trend Micro).
Explanation :
Trojan:MacOS_X/OpinionSpy.A is a trojan that sends information about the computer and the user's activities to remote servers. Installation Trojan:MacOS_X/OpinionSpy.A may arrive in the computer bundled with other MAC applications. Payload Sends computer information Trojan:MacOS_X/OpinionSpy.A may send various information about the computer, such as the following, to post.securestudies.com via TCP port 443: campaign ID operating system type operating system version current system time currently running applications Intercepts TCP packets Trojan:MacOS_X/OpinionSpy.A collects and sends various data intercepted from the computer, such as the following, to various servers using TCP ports 80 and 443: instant messaging data URLs accessed e-mail addresses user's browsing history Its alleged purpose is to collect the data for marketing reasons, but the collected data may contain various sensitive information such as user names and passwords, bank account details, and so on.
Analysis by Andrei Florin SaygoLast update 21 June 2010
