Linked by Kroc Camen on Thu 22nd Jan 2009 17:52 UTC
Privacy, Security, Encryption "Intego has discovered a new Trojan horse, OSX.Trojan.iServices.A, which is currently circulating in copies of Apple's iWork 09 found on BitTorrent trackers and other sites containing links to pirated software. The version of iWork 09, Apple's productivity suite, are complete and functional, but the installer contains an additional package called iWorkServices.pkg." Update: A new variant has been discovered in a pirated version of Adobe Photoshop CS4, also information about one target of a DDOS attack coming from the trojan.
Thread beginning with comment 345058
To read all comments associated with this story, please click here.
After some debuging ...
by inetman on Thu 22nd Jan 2009 21:34 UTC
inetman
Member since:
2006-05-30

I found something interesting, nobody mentioned yet.

This Trojan comes along with a build in Lua interpreter, and (as mentioned on some security sites) with a small p2p client.

AFAIK it is relativly new that trojans bring their own scripting interpreters with them... Cool stuff somehow but OS X trojans(/malware) are still way behind their W32 pendants, this one for example doesn't even try to hide it self (no lib or kernel hooks) ...

Anyways you should be careful with this one since it is able to update itself.

Regards ;-)

Reply Score: 1