Back to Mobile View

Skip to Content

BitTorrent copies of iWork '09 may contain nasty Trojan

Intego has released a security alert for a Trojan horse circulating in copies of iWork '09 downloaded from BitTorrent trackers and direct download (read: not official, but warez-esque) sites. The Trojan, known as OSX.Trojan.iServices.A is actually pretty clever: it exists as a package within the actual iWork '09 installer (meaning you can't see it unless you view every package in the installer bundle). Then when the installation begins and asks for your administrator password (which is what a non-infected version of iWork '09 would do), the Trojan package will install itself as a startup item in the /System/Library/StartupItems folder, where it has root permissions.

Once this service is on your system (and it is called something that sounds innocuous: iWorkSerices), it will connect to a remote server online, making your computer a target for other malicious downloads and remote operations.

It is important to note that the iWork '09 files on these downloads are not affected in any way, they are merely a catalyst to get this Trojan on your system.

Intego has updated their virus definitions for its VirusBarrier programs. We recommend not downloading software from untrustworthy or unofficial sources. And you know, paying for a legitimate iWork license.


Categories

Software iWork Security

Intego has released a security alert for a Trojan horse circulating in copies of iWork '09 downloaded from BitTorrent trackers and direct...