OS X 'pirate' trojan resurfaces

Malware attack now using Photoshop.

A trojan targeting users of pirated MacOS X software has spread to a second application.

Researchers have found the trojan embedded in pirated versions of Adobe Photoshop currently in circulation. The attack had previously been limited to pirated copies of Apple's iWork suite.

The malware does not automatically target any software vulnerability within OS X; instead, it relies on "social engineering" to trick users into running it.

The trojan disguises itself as part of the application's installer package. Once installed on a system, the malware launches a "back door" program which allows an attacker to remotely access a targeted system.

An attacker could then install code on an infected machine or copy personal information from it.

The legitimate versions of both products are not infected by the trojan. The malware is only being distributed with pirated software.

McAfee researcher Pedro Bueno suggested that the attack could indicate a new phase of malware activity within the MacOS X world.

"Before this we saw mostly lame malware for Mac OSX, but the iWork09 Trojan represents a new element to Mac Trojans, sophistication," Bueno wrote in a company blog posting.

"This one contains peer to peer-like characteristics and even encrypts its traffic."

Bueno suggests that users exercise extreme caution when running applications which may be pirated or suspicious. The researcher notes that the practice of slipping malware into pirated software is not new, and has been a common practice on Windows for years.

"One thing to remember when dealing with pirated software is that you might have a high price to pay, in this case ending up a Trojan that turns your computer into a zombie," he wrote.

"Now this unfortunate trend has arrived on the Mac platform."
Copyright ©v3.co.uk