iWork '09 already being pirated, downloaders at risk for trojan horse attack
Just after Apple made things easier for pirates by removing iWork's serial protection, hackers are now using the software to spread malware.
Computing | by Stephen Schenck | Thu Jan 22, 2009 5:53PM | 2 comments
Life has never been easy for pirates. From walking the plank to getting sued by the RIAA, it's one tough break after another. The more ethical among us get the message that crime doesn't pay, but that doesn't stop the rest from trying to save a few dollars.
When we heard the other day that Apple was toning down the copy protection in the latest version of its iWork productivity pack, it seemed like a good thing. Not only does not having to worry about serial numbers make things easier for legit owners, but Mac piracy has never been as prevalent as PC piracy, and considering how tiny the Mac market share is overall, it just doesn't seem like there'd be many Mac pirates out there to take advantage of Apple's goodwill.
Still, some enterprising Mac pirates have copied the software and made it available on BitTorrent already. As if a message sent from the copyright gods to remind us to stay on the straight and narrow, it turns out that some of those BitTorrent copies are riddled with Mac trojans.
If you pick up one of the infected copies, the trojan lodges itself in your startup files, escalates its rights to root, and contacts a remote computer, awaiting instructions. There's no telling what the trojan's author will use the compromised machines for, but the usual results include identity theft, sending out spam, or remotely attacking other computers. Over 20,000 pirates have downloaded infected copies so far. Mac anti-virus solutions should be able to spot an infection.
Comments (2)
John
(8:20 AM on Sat Jan 24, 2009)
"There's no telling what the trojan's author will use the compromised machines for, but the usual results include identity theft, sending out spam, or remotely attacking other computers."
That's exactly what it did. "Why?" is more the question. This thing launched a botnet attack on my site, nearly crippling our business. This has been published at the Washington Post with further details:
http://voices.washingtonpost.com/securityfix/2009/01/pira...
mitchel (12:47 AM on Thu Oct 8, 2009)
The Trojan program, called Backdoor-CGT, is a new form of a Trojan horse installed after e-mail recipients using Microsoft Outlook follow a Web link embedded in an e-mail message. The Trojan horse is believed to have infected thousands of systems on the Internet since appearing early Tuesday, even though antivirus software and up-to-date versions of Outlook are immune to attack, according to Maksym Schipka, senior antivirus researcher at MessageLabs in the U.K. MessageLabs received more than 360...0 e-mail messages with links to the Trojan horse during a two-hour period early Tuesday, the result of a massive and uncharacteristic spam distribution more than ten times what is normal for such a program, Schipka says. Trojan horse programs give remote attackers access to or control over machines on which they run, and often run unnoticed by computer users, or pose as legitimate software applications. The Backdoor-CGT Trojan uses a "multistage" attack to place malicious code on victims' computers. After clicking on an e-mail link embedded in the spam message, victims go to a series of Web sites, each of which carries out one stage in the attack. The attack takes advantage of a now-patched flaw in Outlook called the "IFRAME" exploit to hide the redirections from the user and silently download and install the Backdoor-CGT program, Schipka says.