Pirated versions of Apple's iWork '09 are the latest vehicle for a malicious Trojan that is being used by hackers to access user information on Mac OS X platforms.
The Mac-only Trojan, known as OSX.Trojan.iServices.A, is circulating through copies of Apple's productivity suite iWork '09 found on BitTorrent trackers and other sites that contain links to illegal software.
An advisory was circulated by Mac security vendor Intego on Wednesday, warning Mac users of the iWork malware.
While the iWork '09 program is completely functional, the installer contains an additional package called iWorkServices.pkg, launched when the iWork '09 software is installed. The Trojan installer is downloaded as soon as the user requests an administrator password and begins installation of iWork. However, older versions of Mac OS X, such as 10.5.1 and earlier, won't require a password.
The malicious software is installed as a startup item where it has read-write-execute permission. It then connects to a remote server via the Web, alerting the attacker that the Trojan is actively targeting users' Macs. The attackers will then be able to connect to the affected computers in order to steal or view sensitive and financial information, or obtain remote access to user accounts. The Trojan may be used to download additional malicious code onto infected Macs and used for further criminal activity.
Apple released its latest version of iWork at the 2009 Macworld Conference & Expo, where it showcased changes to its word processor and spreadsheet applications.
In the Intego advisory, security experts advise users not to download iWork '09 installers from sites that promote pirated software, and recommends that users also avoid installing software from other questionable sources or suspicious Web sites.
"The risk of infection is serious, and users may face extremely serious consequences if their Macs are accessible to malicious users," Intego's advisory warned.
While the exact number of infected users is not yet known, Intego estimates that affected Mac users exceed 20,000.
Malware specific to the Mac is still a relative rarity, but not entirely uncommon, security experts say. Last year, coinciding with the first day of the MacWorld Conference & Expo, a rogue application known as MacSweeper, which spread only on Mac computers, solicited users to download and pay for a bogus cleanup program. However, users, mostly consumers, soon found out that the cleaning software failed to deliver on its promise to rid their systems of malware once they paid for it.
Security experts say that they expect to see more malware specifically targeting the Mac.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
