New adware in the form of a script could access the keychain without permission


Lately the Genieo adware has been giving people a lot to talk about. We already reported that an earlier variant modified the sudoers file on the system, which allowed access to certain personal information. Apple has already patched this, but a new version has brought with it a new technique for accessing the OS X keychain without user intervention.

This leaves an uncontrolled security gap that other malicious programs could use to get hold of sensitive data stored in that keychain.


The adware relies on a feature of OS X in which the system automatically stores the password so that the user does not have to enter it constantly for every change. As Malwarebytes has discovered, the Genieo installer prompts users to authenticate with their password before installation.

The "trick" comes later: after we enter our password, the installer launches a special application that requests access to the keychain. The resulting dialog does not ask for a password. Instead, automatically and without user intervention, the installer simulates a mouse click on "Allow" in the box stating that the installer wants to use our personal information contained in the keychain. All of this happens in a fraction of a second, so it is hard to notice, especially if you are not paying attention, and you may not even see the window. Many users are unlikely to notice the window, and even those who do might be prone to ignore it.

This is not really an OS X security issue but rather a ruse that simulates a user action and will send all our browsing information, passwords and even bank details, if we have them stored, to a remote server. It is therefore very important to always know what we download and which programs we grant permissions to.

