iWork '09 Torrent Carrying OS X Trojan [Updated]
A security alert posted this morning by antivirus vendor Intego reveals that the company has discovered a new Trojan horse that is being carried by pirated copies of iWork '09 circulating on a number of torrent sites.
The Trojan, which Intego has classified as a "serious" risk and named OSX.Trojan.iServices.A, allows a malicious user to connect to an infected machine and perform various functions, as well as download additional software to the machine.
This software is installed as a startup item (in /System/Library/StartupItems/iWorkServices, a location reserved normally for Apple startup items), where it has read-write-execute permissions for root. The malicious software connects to a remote server over the Internet; this means that a malicious user will be alerted that this Trojan horse is installed on different Macs, and will have the ability to connect to them and perform various actions remotely. The Trojan horse may also download additional components to an infected Mac.
Intego reports that over 20,000 users had downloaded the package as of 6:00 AM Eastern time this morning, and an update to an entry posted on Intego's Mac Security Blog notes that the Trojan now appears to be actively downloading new code to infected machines and using them to carry out denial-of-service attacks on certain websites.
Update: Despite significant publicity surrounding this incident today, the infected iWork package remains active in the torrent community. In light of this continued activity, we have moved this report from Page 2 to our front page and are providing instructions for deactivating and removing the Trojan from infected systems.
1) (open Terminal.app)
2) sudo su (enter password)
3) rm -r /System/Library/StartupItems/iWorkServices
4) rm /private/tmp/.iWorkServices
5) rm /usr/bin/iWorkServices
6) rm -r /Library/Receipts/iWorkServices.pkg
7) killall -9 iWorkServices
OSX.Trojan.iServices.A appears to be the first significant OS X Trojan to advance beyond the proof-of-concept or pranking stage to engage in truly malicious behavior.
Update 2: MacScan has released a free utility to remove the Trojan from infected systems.
Apple released iOS 16.3 in late January following nearly six weeks of beta testing. The software update is available for the iPhone 8 and newer, and while it is a relatively minor update, it still includes a handful of new features, changes, and bug fixes.
Below, we've recapped new features in iOS 16.3, including support for physical security keys as a two-factor authentication option for...
Apple's VP of hardware engineering Matthew Costello and product marketing employee Alice Chan recently spoke with Men's Journal and TechCrunch about the new second-generation HomePod in wide-ranging interviews about the smart speaker.
Apple discontinued the original full-size HomePod in March 2021 after multiple reports indicated that sales of the speaker were lackluster, but Chan told Men's ...
Apple's next device with an Apple silicon chip may not be a Mac or an iPad, but rather an advanced external display, according to recent reports.
The display, which is rumored to arrive this year, is expected to sit somewhere between the $1,599 Studio Display and the $4,999 Pro Display XDR – but more exact information about the device's positioning and price point is as yet unknown. While ...
Apple appears to be preparing an iOS 16.3.1 update for the iPhone, based on evidence of the software in our website's analytics logs this week. It's unclear when the update will be released, but it will likely be available at some point in February.
The same logs have accurately foreshadowed the release of several previous updates, including iOS 16.0.3 and iOS 16.1.1 most recently, so they...
Apple has previously announced several upcoming iOS features that are expected to be added to the iPhone this year. Some of the features could be introduced with iOS 16.4, which should enter beta testing soon, while others will arrive later in the year.
Below, we have recapped five new iOS features that are expected to launch in 2023, such as an Apple Pay Later financing option for purchases ...
The Apple Pay Later service that Apple has in the works is set to launch "soon," Apple CEO Tim Cook told CNBC ahead of today's earnings call for the first fiscal quarter of 2023.
Cook said that Apple employees are beta testing the Apple Pay Later feature, which will help Apple boost services revenue. "It will be launching soon," Cook said.
Apple Pay Later was first previewed at the...
Google's Chromium developers are working on an experimental web browser for iOS that would break Apple's browser engine restrictions, The Register reports.
The experimental browser, which is being actively pursued by developers, uses Google's Blink engine. Yet if Google attempted to release it on the App Store, it would not pass Apple's App Review process.
Apple's App Store rules dictate...