Reports of new Mac Trojan horse in pirated version of iWork ’09

Graham Cluley
Graham Cluley
@[email protected]

iWork 09

We’re investigating reports of a new Trojan horse capable of infecting the Apple Mac OS X platform.

The Trojan, which is being called “iWorkServices” or “iServices” by some, has been distributed via BitTorrent inside a pirated version of Apple’s new iWork ’09 suite.

Ironically, hackers have used a pirated version of iWork ’09 as a “host” for the malware, just as Apple loosened up anti-piracy protection in the package.

Sign up to our free newsletter.
Security news, advice, and tips.

Whereas previous versions of Apple iWork required users to enter a serial number when installing from CD ROM, the new version allows users to install the software on as many computers as they like – without apparent repercussion.

Of course, you should never download copyrighted commercial material via peer-to-peer file-sharing sites. Not only might you be breaching copyright, but you could also be risking a malware infection.

It should be remembered that malware affecting Apple Macs is much less frequently encountered than it is by their Windows-using counterparts. But that doesn’t mean the problem is non-existent, and it’s no excuse for Apple users to have their head in the sand when it comes to security.

Apple Mac users should apply common sense and properly defend their computers and data from security threats with up-to-date anti-virus software, firewalls and security patches.

Pirated version of iWork '09

SophosLabs has received a sample of the malware, which we detect as OSX/iWorkS-A.

Update: You can learn more about the OSX/iWorkS-A threat in this blog post by Paul Baccas of SophosLabs.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.