Trojan Hides In Pirated Copies of Apple iWork '09

CWmike writes "Pirated copies of Apple's new iWork '09 suite that are now available on file-sharing sites contain a Trojan horse that hijacks Macs and leaves them open to further attack, a security company said yesterday. The 'iServices.a' Trojan hitchhikes on iWork '09's installer, said Intego, which makes Mac security software. 'The installer for the Trojan horse is launched as soon as a user begins the installation of iWork, following the installer's request of an administrator password,' Intego said in a warning. Once installed, the Trojan "phones home" to a malicious server to notify the hacker that the Mac has been compromised, and to await instructions."

Re: But, but....

[calmofthestorm]

Um most pirated software is clean of malware. The primary vectors are email and infected websites (often reputable ones that are compromised themselves, often due to sketchy)

The "piracy has VIRUSES!" myth is very much a content industry creation. I'm more concerned about malware in "genuine" software than pirated, and one more reason that I pirate things when I do. Of course, you -are- running an executable from a total stranger. At least "genuine" software makers have it tied to their name, so this could easily become truer.

Given that all three OSes have sudo, social engineering will ALWAYS work. Unless we take sudo away from average users (which is far easier to get away with on linux than windows and still have everything work smoothly)

If you're really paranoid, you might consider running your browser and mail client in a virtual machine