New Mac Trojan in Pirated Photoshop

Posted by: Stephen Wildstrom on January 26, 2009

osX_trojan_iservices_b_01small.png
The last few days have delivered two clear computer security messages that shouldn’t have been needed: Downloading pirated software is very, very dangerous as well as wrong and don’t assume Macs are immune to malware attacks.

Itego, the security software company that reported a nasty trojan in copies of iWork ‘09 available through BitTorrent now warns that a variant, OSX.Trojan.iServices.B, has turned up in pirated copies of Adboe Photoshop CS4

The trojan is actually hidden in the application that defeats Adobe's license authentication procedures and allows the cracked copy to be run. Like the iWork version, it creates a back door to the infected computer, which presumably would be used to control the Mac as part of a botnet.

In one sense, this new trojan may been more dangerous than the original. Even if your ethical sense is shaky, risking your computer to save $70 on iLife is dumb. The $500 retail price for a full version of Photoshop CS4 offers much greater temptation.

It's also looking like an increasingly good idea for Mac owners to run anti-malware software on their systems. Mac attacks have moved from proof-of-concept pranks to code with dangerous payloads. I expect such attacks to start showing up as drive-by downloads on Mac-centric Web sites. The lack of social engineering protections in the Safari browser, compared with Firefox or Internet Explorer, along with a general sense of complacency, may leave Mac users more vulnerable.

TrackBack URL for this entry: http://blogs.businessweek.com/mt/mt-tb.cgi/

Reader Comments

zato

January 26, 2009 03:13 PM

Another strange pirated Mac malware story. Why would someone put malware in pirated Mac software when they must know that 98% of the people who download this stuff also run a program called "Little Snitch" which will warn them if their computer tries to "call home"? The malware would be discovered immediately. Someone WANTS this malware to be discovered.

Steve Wildstrom

January 26, 2009 03:23 PM

@zato--The community of Mac users has to get over its collective denial regarding vulnerabilities. I don;t know where zato gets the statistic that 99% of users of pirated software run Little Snitch, but let's accept it. That's still 1% who don't and these attacks are typically based on very low success rates. Second, how can we be sure that iServices.B, which runs as root, isn't hiding its call home behind some innocent-looking process; I sure don't know enough about it to assure that.

Post a comment

 

About

BusinessWeek writers Peter Burrows, Cliff Edwards, Olga Kharif, Aaron Ricadela, Douglas MacMillan, and Spencer Ante dig behind the headlines to analyze what’s really happening throughout the world of technology. One of the first mainstream media tech blogs, Tech Beat covers everything from tech bellwethers like Apple, Google, and Intel and emerging new leaders such as Facebook to new technologies, trends, and controversies.

Categories

 

BW Mall - Sponsored Links

Buy a link now!