Pirated copies of iWork 2009 carrying malicious software
- 2
- Add a Comment
According to MacRumors.com, there has been a security alert issued concerning pirated copies of Apple’s iWork ’09 software that has been in circulation around the bit torrent sites. The trojan, OSX.Trojan.iServices.A, allows an unwelcome user to connect to the infected computer and do things such as control certain functions on the computer as well as download additional software. According to the article, over 20,000 people have downloaded the illegal torrent file and are likely infected if they have installed it. These are the steps that MacRumors.com recommends for getting rid of the trojan at this point:
1) (open Terminal.app)
2) sudo su (enter password)
3) rm -r /System/Library/StartupItems/iWorkServices
4) rm /private/tmp/.iWorkServices
5) rm /usr/bin/iWorkServices
6) rm -r /Library/Receipts/iWorkServices.pkg
7) killall -9 iWorkServices
The fact that there is now a virus for the Mac is not that surprising considering that all computer systems are vulnerable. There have been lesser known trojans on the Mac but they have affected relatively few users and have mostly relied on social engineering methods to get the users to download and install the software - which, of course, this does as well - so as long as you haven’t pirated iWork 2009, you should be fine.
2 Comments
Ryan Taylor
February 17th, 2009
at 12:43am
I personally think, if you really cant afford iWork, and your gonna pirate it you should just download the trial, and use a serial!
But I think I’ll stick with my genuine copy of iWork thanks!
mga
October 28th, 2009
at 3:33pm
this process just tells you how to delete all iwork-related files from your drive not how to detect if you have a vulnerable/compromised system. you might as well say: “if you installed an illegal iwork, uninstall it and delete all iwork-related files”
pointing to a virus-checking service/software would actually be helpful.