Pirated copies of Apple iWork 09 infected by Trojan
More than 20,000 Mac users have already downloaded a version of iWork containing a Trojan which can give control to cybercriminals.
Mac users are being warned about a Trojan horse circulating through pirated copies of Apple's iWork 09, which are being distributed via BitTorrent sites.
Intego and Symantec released security alerts which said the downloaded copies of iWork were complete and functional, but contained an additional Trojan package called 'iWorkServices.pkg'.
Once iWork is loaded, the installer for the Trojan horse is launched. This installs malicious software, which is now present as a start-up item and has read-write-execute permissions, letting it connect to a remote server over the internet.
This will inform the malicious user or cybercriminal that the Trojan has been installed on the Mac, where they can connect and perform actions remotely, as well as potentially download additional components.
Intego warned Mac users not to download iWork 09 from sites which offered pirated software, but at the time of the alert it said over 20,000 people had downloaded the installer.
The attack comes just after Apple revealed that a serial number was not needed for the installation of the software, which would allow a user to install the software on as many Macs as they choose.
The top three IT pains of the new reality and how to solve them
Driving more resiliency with unified operations and service management
Download nowThe five essentials from your endpoint security partner
Empower your MSP business to operate efficiently
Download now
