RSS
Home > News > Trojan Found in Pirated Copies of Apple iWork ‘09
Jan 27 2009

Trojan Found in Pirated Copies of Apple iWork ‘09

  • Written by soulxtc
  • No Comments


Making the rounds on public BitTorrent tracker sites.

For years, Mac users have prided themselves that their PC cousins have been the ones forced to regularly keep an eye out for virus and malware attacks. But, this time is nearing an end. For, as the Mac gains in popularity, it is increasingly drawing the scrutiny of malware developers.

Enter the recent OSX.Trojan.iServices.A Trojan horse, an exploit being distributed in pirated copies of Apple’s iWork ‘09, where it’s disguised as a bootleg copy of the new iWork 09. Once installed, the malware takes administrator access and connects to remote servers over the Internet, where it can be given additional instructions as the author commands, from installing additional malware to stealing information off the Mac in question. The malware creator can also take complete remote control of any compromised machine.

The version of iWork 09, Apple’s productivity suite, are complete and functional, but the installer contains an additional package called iWorkServices.pkg.

123

From security firm Intego:

When installing iWork 09, the iWorkServices package is installed. The installer for the Trojan horse is launched as soon as a user begins the installation of iWork, following the installer’s request of an administrator password. This software is installed as a startup item (in /System/Library/StartupItems/iWorkServices, a location reserved normally for Apple startup items), where it has read-write-execute permissions for root. The malicious software connects to a remote server over the Internet; this means that a malicious user will be alerted that this Trojan horse is installed on different Macs, and will have the ability to connect to them and perform various actions remotely. The Trojan horse may also download additional components to an infected Mac.

The good news is that only around 20,000 people have downloaded the installer.

As usual, on public BitTorrent tracker sites it’s always crucial that you read the comments, and observe the seeder to leecher ratio.

jared@zeropaid.com

Related Posts

  1. Trojan Found in Pirated Copies of Adobe Photoshop CS4 for Mac
  2. iWork productivity software targets Microsoft’s Office
  3. Trojan Removes P2P Downloads
  4. Xbox Emulator Contains Trojan Horse
  5. P2P Trojan Makes PC Talk, Laugh at You, While Erasing Hard Drive
Zeropaid on Facebook

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Trackbacks url:

Leave a Comment...

Giganews Newsgroups


1 Star2 Stars3 Stars4 Stars5 Stars
(1 votes, average: 4.00 out of 5) Loading ... Loading ...

  • soulxtc: Actually no. See this > http://i64.photobucket.com/albums/h187/soulxtc/ip... (From http://www.zeropaid.com/news/10021...
  • soulxtc: Actually no. See this > http://i64.photobucket.com/albums/h187/soulxtc/ip... (From http://www.zeropaid.com/news/10021...
  • PekkaK: The discussion about copyright has long ago transcended the question of whether anyone has the right to steal or copy or...
  • Debbie: hi could I please get an invite please. I was a member of Demonoid but is down.Thanks. ...
  • D.AN: "... the basic system [...] is Capitalist. Trying to change that [...] just means there will be a lot of corporation own...
  • D.AN: You seem to have the misinformation that file-sharers are part of one group. However, that is not true. "Even ideas, ...
  • D.AN: Ignorant you are, malgre....
  • D.AN: So you agree that you act based on accusation, malgre....
    • sdsd