S
sinu
Thread author
- Content source
- http://www.net-security.org/malware_news.php?id=3092
Malwarebytes researcher Adam Thomas has made an interesting discovery: an adware installer created by Genieo, a well-known distributor of unwanted software, is taking advantage of an OS X feature to access information stored in the "Safari Extension List" in the users' keychain.
The problem is the installer doesn't allow the user to make the choice of whether they will allow it access to the keychain. Instead, it "hijacks" the users' mouse cursor and clicks on the "Allow" button - and it does it so quickly (in mere seconds) that the users might not even notice it:
The problem is the installer doesn't allow the user to make the choice of whether they will allow it access to the keychain. Instead, it "hijacks" the users' mouse cursor and clicks on the "Allow" button - and it does it so quickly (in mere seconds) that the users might not even notice it: