Mac is no longer as safe as before. Mac users downloading free screensavers and a video converter app from several popular download sites will get spyware that installs in a backdoor, collects data, and sends encrypted information to remote servers, security company Intego said on last Tuesday. They were found on Softpedia, MacUpdate, and CNET-owned VersionTracker, according to a post on Intego's Mac Security Blog.

It's unclear exactly what data is collected and sent to the remote server, but it could include personal information like usernames, passwords, and credit card numbers, the post said.

Here is what the spyware does:

-runs as root with full rights to access and change any file on the computer,
-opens a back door using port 8254,
-scans all accessible files on local and network drives,
-analyzes packets entering and leaving the computer over a local area network, enabling one infected Mac to collect data from different computers on a school or business local network,
-injects code with no user action required into Firefox, Safari, and iChat and copies personal data from those applications, infecting the code of the applications in the Mac's memory but not the actual application files,
-regularly sends encrypted data to a number of servers using ports 80 and 442 about files scanned, as well as other information including e-mail addresses, iChat message headers, and URLs.

The spyware can be automatically upgraded to add new features without the knowledge of the computer user. It occasionally asks for the user's name or prompts the user to fill out surveys via a dialog box.