Got a tip for us? Share it...

Fake Microsoft Word 2004 Demo

Making the rounds today is news of a fake/trojan Word 2004 "Demo" Application on Peer to Peer networks.

The application, which appears to be a demo for Word 2004 erases the users Home directory under Mac OS X.

A Macworld reader alerted the magazine to the malware after he downloaded the file from Limewire. The reader told Macworld: "I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta. The file unzipped, and to my delight the Microsoft icon looked genuine and trustworthy."

However, he added: "I clicked on the installer file, and to my horror in 10 seconds the attachment had wiped my entire Home folder!"


Clearly, caution should be used with any applications downloaded from Peer to Peer networks.

Top Rated Comments

(View all)

101 months ago
Category: 3rd Party Software
Link: Fake Word 2004 demo file causes irradication of a mac\'s Home folder
Posted on MacBytes.com

Approved by Mudbug
Rating: 0 Positives / 0 Negatives
101 months ago
I love it. If you Pirate software you have to be ready for the consequences. A malicious file on the other hand should be the least of your worries.
Rating: 0 Positives / 0 Negatives
101 months ago
Now THAT"S funny.

I love his explanation: "I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta."

Yes, and we all know that downloading off Limewire would be much quicker than downloading from Microsoft's servers. Geez.
Rating: 0 Positives / 0 Negatives
101 months ago
Just out of curiosity, is there any way to tell, just by examining the file itself, that it is not actually MS Word 2004?

(And before I get a lecture about pirating software, I own a copy of Office X, which I paid for, and have no intention of upgrading to 2004.)
Rating: 0 Positives / 0 Negatives
101 months ago

Just out of curiosity, is there any way to tell, just by examining the file itself, that it is not actually MS Word 2004?


Nah, it's the whole problem of proving a negative.

When software gets released online, the real distributors will offer downloads directly, provide an official list of mirror locations, and/or supply checksums (usually MD5 hashes). Anonymous distribution channels like p2p networks are a really bad place to get executables or sources, unlless you can also get that checksum (and preferably size too) information from a trusted source.
Rating: 0 Positives / 0 Negatives
101 months ago

Just out of curiosity, is there any way to tell, just by examining the file itself, that it is not actually MS Word 2004?

I assumed your comment was a joke, i.e., you were pretending that it might have been MS Word 2004 itself that he downloaded, and that it had a small bug that wipes out your home folder.

If that's what you meant, good joke! :)
If that's not what you meant, then I claim that joke as my own! :p
Rating: 0 Positives / 0 Negatives
101 months ago
wow, now that's just got to suck :D

Unfortunately, this might just be the beginning - I'm sure more will be showing up soon...

:(

D
Rating: 0 Positives / 0 Negatives
101 months ago

I assumed your comment was a joke


No joke intended (rare for me, I know). Just wondering if there are any obvious (or not so obvious) give-aways that the file you've downloaded is not what it claims to be.
Rating: 0 Positives / 0 Negatives
101 months ago

No joke intended (rare for me, I know). Just wondering if there are any obvious (or not so obvious) give-aways that the file you've downloaded is not what it claims to be.


Well, in the case of this particular trojan it's easy, it's only 108KB, so there is no way it could be a demo of Word 2004.
Rating: 0 Positives / 0 Negatives
101 months ago
Ha! And here I thought it was more sophisticated than that. Talk about an obvious clue... :rolleyes:
Rating: 0 Positives / 0 Negatives

[ Read All Comments ]