Trojan found in pirated Apple iWork software

Intego warns about Trojan horse in Apple iWork '09 software found on pirate sites.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Jan. 23, 2009 11:55 a.m. PT

Internet security firm Intego said on Thursday that it has discovered a new Trojan horse in pirated copies of Apple's iWork '09 productivity software that could allow an attacker to take control of the infected computer.

The Trojan horse, OSX.Trojan.iServices.A, discovered circulating in copies of the software on BitTorrent trackers and other pirate sites, is rated serious, according to Intego's security alert.

When iWork is installed, the Trojan is installed as a start-up item as a part of iWorkServices. It has read-write-execute permissions for root control of the computer, Intego said. The malware connects to a remote server over the Internet and may download additional components to the infected computer.

As of early Thursday, at least 20,000 people had downloaded the iWork '09 installer, according to Intego.

Meanwhile, an Italian researcher has uncovered a way to inject malicious code into memory of OS X-based computers, which would enable attackers to easily hide their activities, according to The Register.