| Subcribe via RSS

Mac OS X: a Trojan in the pirated versions of iWork’09

January 26th, 2009 Posted in MacOS

security trojan virus Mac OS X: a Trojan in the pirated versions of iWork09We could talk about karma, or beautiful sayings like “This is believed to be taken”, but the purpose is the same: Mac users who have downloaded some pirated copies of iWork’09 productivity suite have been infected by a horse of Troy.

The Trojan software center

Security is definitely not a part of Koh Lanta and-no “totem of immunity can not be won. At least 20 000 Mac owners have indeed said that it would be interesting to get the latest version of Apple’s office suite, but without paying the 79 dollars / euros requested. So they went to pick up their favorite tools P2P and recovered a pirate copy. Unfortunately, the copy contained a Trojan, named for the occasion by the publisher OSX.Trojan.iServices.A security Intego.

The ugly horse becomes comfortable in the Mac OS X at the same time as the software itself. It is in fact present in a package named iWorkServices.pkg itself into the body later. So when the user allows the application to settle, the Trojan can jump for joy and start to undermine its work.

It begins by defining it as a startup item and will be relaunched at each switch on the machine. It has all the necessary permissions (reading, writing and execution) to operate in “root”, and can connect to one or more remote servers to communicate with a character obviously malicious, or to download other components to infect machine.

Without antivirus there is no salvation

This is not a virus OSX.Trojan.iServices.A can not spread a Mac to another. It does not a specific security hole. In fact, at present, the only way to catch it is to install a pirated copy of iWork’09 specially designed to spread the infection. But how to get rid of?

Unfortunately, unless you have an antivirus program like VirusBarrier X4 or X5 Intego, you can not clean your system by yourself. To find out first whether you are infected, check the presence of an element named iWorkServices StartupItems in the directory, which is located in System / Library. If so, and you do not have antivirus software, the only solution is a formatting system.

The Trojan indeed replicates itself in other files. You can not trust any of the applications that are present on your hard disk, and resettlement will have to go through the CD and DVD in your possession to be sure not to reinstall a copy of the malware.

Obviously, the best way not to be bothered by such problems is not to look for pirate copies of iWork’09. One can even generalize that it is impossible to know in advance if a pirated version of software has not been “tampered with, unless you have a good antivirus update. But this is not always enough.

Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
Tags: , ,
This entry was posted on Monday, January 26th, 2009 at 02:13 and is filed under MacOS. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Hey.lt - Nemokamas lankytojų skaitliukas
Add to Technorati Favorites
Do you crave mobility? Do you love online slots? Do you adore your Apple iPhone? If you answered yes to any of these, do this now: Download the brand, spanking new iPhone casino. You will be blown away as this phenomenal new product makes waves around the world.