toggle

AAPL Stock: 113.99 ( + 1.98 )

Printed from http://www.macnn.com

Trojan found circulating with pirated iWork '09

updated 10:35 am EST, Thu January 22, 2009

Trojan linked with iWork

A new Trojan attack has been linked with illegal copies of iWork '09, says Intego. The security firm notes that in some copies of iWork found on BitTorrent sites -- and other pirating venues -- a Trojan dubbed OSX.Trojan.iServices.A is attached, masquerading in the form of a package file called iWorkServices. When the iWork installer is launched, iWorkServices is launched as well; while this may be halted by a request for an administrator password, Intego warns that Mac OS X 10.5.1 and earlier will install the Trojan without further prompting.

iWorkServices subsequently becomes a startup item with full root privileges, which are then used to connect to a remote server and inform a hacker that they have access. Further malware may be installed on a victim's computer, though this is not guaranteed.

So far over 20,000 people are believed to have downloaded infected copies of iWork '09, and Intego warns that the Trojan is an "extremely serious" threat. It can, however, be defeated by updating to the latest virus definitions.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Guest

    Joined: Dec 1969

    +7

    Huh?

    The installer won't even fire up unless you have 10.5.6 installed...

  1. ViktorCode

    Joined: Dec 1969

    +3

    Update definitions...

    ...from a security firm or just remove the startup item? I wonder what would I do.

  1. vasic

    Joined: Dec 1969

    +5

    How about...

    ..."Update definitions from a security firm or just remove the startup item? I wonder what would I do."

    I would download iWork 09 from Apple instead of some bit torrent site. After all, it is a full, un-crippled version, and it will work for 30 days. If I like it that much, it will cost me very little to remove the 30-day limitation.

  1. Guest

    Joined: Dec 1969

    +2

    further Huh?

    Maybe one should be downloading pirated software? I haven't had any trouble getting the trial version from Apple, their server seems fast enough. So if the advantage isn't speed, then it is just theft. As they say, if it is too good to be true...

  1. Guest

    Joined: Dec 1969

    +5

    further Huh?

    Maybe one should NOT be downloading pirated software? I haven't had any trouble getting the trial version from Apple, their server seems fast enough. So if the advantage isn't speed, then it is just theft. As they say, if it is too good to be true...

  1. hayesk

    Joined: Dec 1969

    +5

    Deserve

    I can't say I feel sorry for anyone hit by this. There's no legitimate reason to download a pirated copy when there is a fully-functional demo available on Apple's site.

  1. Guest

    Joined: Dec 1969

    +4

    If you download Warez....

    you might as well box up your computer and send it to a botnet. You could build the best security paradigm ever and yet there will always be some stupid user that will defeat themselves.

  1. OS2Guy

    Joined: Dec 1969

    +2

    Hooey

    Thousands upon thousands of people have downloaded iWork '09 which requires no serial or registration code to work and no one has reported a problem - well, except for a desperate software company that relies on frightening the Mac community. In all my years as a Mac user I've never seen a virus, trojan or worm on any of hundreds of machines I own, use or have access to - all of which participate on the web in every form. I say it is hooey.

  1. testudo

    Joined: Dec 1969

    -1

    Re: Huh?

    The installer won't even fire up unless you have 10.5.6 installed..

    Yes, but this is the hacked installer, which will probably fire up on any machine with 10.5.1, install the trojan, then finally hit the complaint about 10.5.6 not being installed.

  1. bjojade

    Joined: Dec 1969

    +3

    Trojans ARE a threat

    These sort of threats DO exist. While it requires someone to do something bad, writing a trojan program on a mac is pretty trivial. The user thinks they are getting iWork because that's what they are told. Since they are installing software, asking for an admin password is expected. However, once you key in that password, all bets are off and ANYTHING could be installed.

    This is the sole reason that anti-virus software would be legit to have on your machine. If it catches these things, it will protect you against getting screwed.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

DoxieGo Portable Scanner

Sometimes, people need to scan things, but having a computer at hand to do so isn't exactly feasible. Maybe it's the home of a relat ...

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

toggle

Most Commented