In OS X found a new security hole that arbitrarily sets the application

With the popularization of the platform OS X there are more developers who create malicious applications. Thus, recently in the network found a virus that installs without the user's extension for Safari and third-party applications, and then can access the user's password.

By the way, Western journalists managed to get the information that the developer has become a threat to the Israeli company Genieo Innovation. Fame, as expected, the company has a very negative: it is not the first time I've noticed the creation of "junk" applications for the Mac. But this time the company went even further.

The scheme works as follows. Extension for Safari or third-party application gets on your computer. As expected, the system prompts the user for approval to install. Here comes the fun part: "OK" button is pressed automatically. And it happens so quickly that the inexperienced user will not understand what happened. Only three seconds, so that the window appeared "OK" button is activated and the window closed (a process can be seen in the video).

What is interesting, usually developers use this technique to help users - those with low vision or other problems with the computer management. In fact, the ability to automatically pressing the "OK" should help people, but there were those who It uses this opportunity for other purposes, and to create additional security risks computer. "I am really surprised that no one has thought of it before," - says Thomas Reed of the company Malwarebytes.

According to the results of these actions Genieo can get access to passwords in the Mac Keychain, and then - to access iCloud and Gmail. The user simply will not pay attention to pop-ups that they themselves will disappear after a few seconds. Rectify the situation can only be manually removing the malicious applications.

(via)