Apple users opting not to grab a free 30 day demo version iWork 09, or even cough up the bucks for a full retail version, have found themselves getting more than they bargained for. It appears that something in the region of 20,000 people have downloaded a pirated version of iWork 09 which comes complete with something called OSX.Trojan.iServices.A
According to Mac security specialists Intego the newly discovered Trojan poses a serious risk to OSX users. The iWork 09 BitTorrent download will install OK, but will also dump the iWorkService.pkg package onto your Mac which becomes a startup item with read, write and execute permissions for root.
The first thing it then does it let the bad guys know you have installed it by connecting to a remote server, and the bad guys then get control of your Mac. "The risk of infection is serious, and users may face extremely serious consequences if their Macs are accessible to malicious users" Intego says. Although the actual payload is unknown at this time, additional malware downloads to your already infected Mac are a given.
It seems the only 'cure' would be to format the drive and reinstall OSX. Let's hope that this helps get the message across that Macs are not immune to security problems.