Trojan targets Mac pirates

By Shaun Nichols on Jan 24, 2009 8:01 AM
Filed under Security

Malware slipped into iWork downloads.

Mac users are being warned of a new malware attack circulating within pirated software for OS X.

Researchers from Intego and Symantec have reported the infections occurring within pirated copies of Apple's iWork productivity suite.

According to both companies, the malware is embedded within the iWork installer package and is executed as soon as the user begins installing the pirated copy of the program.

Once installed, the malicious software connects to a remote server, opening a 'back door' to the targeted system and potentially allowing an attacker to control any infected machine and access personal data.

"The malicious software connects to a remote server over the internet. This means that a malicious user will be alerted that this Trojan horse is installed on different Macs, and will have the ability to connect to them and perform various actions remotely," Intego said in its report.

The company also noted that additional components could be installed on infected systems, as the malware is given root access.

Symantec product manager Mike Romo said that, while the company has the Trojan classified as a low-level threat, a significant danger still exists.

"It is still significant because, with the current economic crisis, more and more people might be tempted to use pirated software instead of paying for it," Romo wrote.

"What's particularly vexing is that, unless users have some kind of security software, they would never know that their Mac was compromised because the iWork components themselves would work normally."

Intego and Symantec said that the latest updates of their respective Mac security products will detect the Trojan. However, users can simply avoid the attack by not downloading pirated versions of iWork.

Follow us on Facebook and Twitter

Copyright ©


Trojan targets Mac pirates
Top Stories
Australian IT superpower born as CSC-UXC deal approved
Joins Dimension Data in the billion-dollar club.
HP Inc struggles with plummeting PC, printer sales
Downgrades profit forecast while HPE holds firm.
Microsoft admits problem with Office 365 security module
'Incredulous' delay in fixing Advanced Threat Protection.
Sign up to receive CRN email bulletins
Who has best odds in public cloud (other than AWS, Azure, Google)?

Latest Comments
CRN Magazine

Issue: 343 | October 2015

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.