toggle

AAPL Stock: 102.13 ( + 1.24 )

Printed from http://www.macnn.com

Trojan found circulating with pirated iWork '09

updated 10:35 am EST, Thu January 22, 2009

Trojan linked with iWork

A new Trojan attack has been linked with illegal copies of iWork '09, says Intego. The security firm notes that in some copies of iWork found on BitTorrent sites -- and other pirating venues -- a Trojan dubbed OSX.Trojan.iServices.A is attached, masquerading in the form of a package file called iWorkServices. When the iWork installer is launched, iWorkServices is launched as well; while this may be halted by a request for an administrator password, Intego warns that Mac OS X 10.5.1 and earlier will install the Trojan without further prompting.

iWorkServices subsequently becomes a startup item with full root privileges, which are then used to connect to a remote server and inform a hacker that they have access. Further malware may be installed on a victim's computer, though this is not guaranteed.

So far over 20,000 people are believed to have downloaded infected copies of iWork '09, and Intego warns that the Trojan is an "extremely serious" threat. It can, however, be defeated by updating to the latest virus definitions.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Guest

    Joined: Dec 1969

    +7

    Huh?

    The installer won't even fire up unless you have 10.5.6 installed...

  1. ViktorCode

    Joined: Dec 1969

    +3

    Update definitions...

    ...from a security firm or just remove the startup item? I wonder what would I do.

  1. vasic

    Joined: Dec 1969

    +5

    How about...

    ..."Update definitions from a security firm or just remove the startup item? I wonder what would I do."

    I would download iWork 09 from Apple instead of some bit torrent site. After all, it is a full, un-crippled version, and it will work for 30 days. If I like it that much, it will cost me very little to remove the 30-day limitation.

  1. Guest

    Joined: Dec 1969

    +2

    further Huh?

    Maybe one should be downloading pirated software? I haven't had any trouble getting the trial version from Apple, their server seems fast enough. So if the advantage isn't speed, then it is just theft. As they say, if it is too good to be true...

  1. Guest

    Joined: Dec 1969

    +5

    further Huh?

    Maybe one should NOT be downloading pirated software? I haven't had any trouble getting the trial version from Apple, their server seems fast enough. So if the advantage isn't speed, then it is just theft. As they say, if it is too good to be true...

  1. hayesk

    Joined: Dec 1969

    +5

    Deserve

    I can't say I feel sorry for anyone hit by this. There's no legitimate reason to download a pirated copy when there is a fully-functional demo available on Apple's site.

  1. Guest

    Joined: Dec 1969

    +4

    If you download Warez....

    you might as well box up your computer and send it to a botnet. You could build the best security paradigm ever and yet there will always be some stupid user that will defeat themselves.

  1. OS2Guy

    Joined: Dec 1969

    +2

    Hooey

    Thousands upon thousands of people have downloaded iWork '09 which requires no serial or registration code to work and no one has reported a problem - well, except for a desperate software company that relies on frightening the Mac community. In all my years as a Mac user I've never seen a virus, trojan or worm on any of hundreds of machines I own, use or have access to - all of which participate on the web in every form. I say it is hooey.

  1. testudo

    Joined: Dec 1969

    -1

    Re: Huh?

    The installer won't even fire up unless you have 10.5.6 installed..

    Yes, but this is the hacked installer, which will probably fire up on any machine with 10.5.1, install the trojan, then finally hit the complaint about 10.5.6 not being installed.

  1. bjojade

    Joined: Dec 1969

    +3

    Trojans ARE a threat

    These sort of threats DO exist. While it requires someone to do something bad, writing a trojan program on a mac is pretty trivial. The user thinks they are getting iWork because that's what they are told. Since they are installing software, asking for an admin password is expected. However, once you key in that password, all bets are off and ANYTHING could be installed.

    This is the sole reason that anti-virus software would be legit to have on your machine. If it catches these things, it will protect you against getting screwed.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Pure Jongo T2 wireless speaker

Multi-room audio compatibility is a key metric for wireless sound systems these days. The entry cost into a house-spanning system can ...

toggle

Most Commented