Help! Do I have malware?

Hi all,

Long time reader here, first time poster...

I have Little Snitch installed. I use an app [that shall remain nameless in case this is a false alarm], but I was recently reviewing connection attempts in Little Snitch, and it claims that [this app] accessed "anonops.com" I checked this website and it seems to be an IRC server run for/by Anonymous (?) but I don't really know. I know it gets its app updates by connecting to [this app's official domain], so this was something different.

Can anyone shed any light as to why [this app] was trying to access this domain? I don't want to accuse anyone of making malware, but obviously if the developer was responsible I can't just ask them and assume I'd be given an honest answer.

I'm running Mountain Lion and follow security best practices (don't open/install packages unless I know where they come from, browse the web with Java disabled, use Click2Flash and AdBlock, have "open safe files" disabled, no pirated software, etc.) so I wouldn't have thought I'd have been infected with anything.

I'm open to any suggestions as what to do next. (I cross-posted this question to apple.stackexchange.com too) Unfortunately, I haven't been able to detect another connection attempt yet otherwise I could try and figure out what's going on.

I just want to emphasise I'm not accusing the developer of anything. If, somehow, I do have malware maybe it's possible it's just using this application to access the Internet? Or maybe there's a legitimate reason it would need to contact this domain?

Any help would be *really* appreciated.

Thank you.

 

Possibly a false alarm. I've been told that Little Snitch uses reverse DNS to find out what website an app is trying to access, and that [this developer's] website may just be hosted on the same service as the other site . . .

 

I contacted the developer, and got a response, and it looks like it was just a glitch: the developer uses the same content delivery service as that Anonymous website, which is why when Little Snitch looked up the IP address it returned the wrong URL.

I'm just posting to say it seems like a false alarm, and I really do appreciate the replies here. I just didn't want to name the app until I gave the developer a chance to respond, because it could have created a load of bad publicity for them when it turned out to be something completely innocent. So I thought not naming them (at least until I heard the developer's response) was the responsible thing to do...

I'd asked the question originally mostly to see if this would have alarmed anyone else if they'd seen this happen, or if I was worrying about nothing.