CNET también está disponible en español.

Ir a español

Don't show this again


Fake "Word 2004 Demo" trojan horse distributed

Fake "Word 2004 Demo" trojan horse distributed

A Macworld UK story covers a trojan horse for Mac OS X -- disguished as an installer for a "demo" version of Microsoft Word 2004 -- circulating through file sharing networks such Limewire and Gnutella. Launching the "demo installer" allows it to erase your entire home directory.

A clue that this isn't really a real demo installer is that the file is just over 100k but purports to install the full version of Word 2004. If you download such a file, or receive it from another user, do not try to launch or open it. (According to a Microsoft spokesperson quoted in the Macworld UK article, "Microsoft does not currently offer any Web downloads for Microsoft Office 2004...customers should always download from")

The trojan is simply an AppleScript application with a custom installer icon. When the application is launched, it uses AppleScript's ability to execute Unix shell commands in order to run a command that deletes the user's home folder. Since the user is the owner of his/her home directory, no authentication is needed.

Intego has accounced that the latest virus definitions for its VirusBarrier X anti-virus utility have been updated to protect against this trojan. We expect other OS X anti-virus developers to announce similar updates soon.

  • story
  • More from Late-Breakers