Second trojan found in pirated Mac software
Another trojan is planted in a program to take advantage of computer users downloading pirated copies of Adobe Photoshop CS4.
The second Trojan threat to Apple Mac users in less than a week had been found, this time in pirated copies of Adobe Photoshop CS4.
It is a new variant of the original trojan found in Apple iWork 09, and like the previous malware is found on BitTorrent sites which have links to pirated software.
The actual Photoshop CS4 installer is clean, but the crack application needed to serialise it and run the program circumventing its copy protection contains the trojan.
If the Mac user is infected, they are at risk of having a remote hacker take control of their computer, who could launch spam, a distributed denial of service (DDoS) attack or steal an identity.
Like the previous attack on iWork, thousands of people were willing to download the pirated software. At the last count, security firm Intego counted 5,000 people who had downloaded the installer from a major BitTorrent tracker site.
Intego advised users that they should not download any cracking software from sites that give away pirated software.
Graham Cluley, senior technology consultant as Sophos, said that although this was only found on pirated software so far, there was nothing to stop hackers from spreading it using other ways - such as planting it on real websites or spamming it through email.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
He said on his blog: "Mac malware is nothing like as commonly encountered as malicious code on Windows PCs.
"But that's no excuse for Apple users not to properly defend themselves and take sensible precautions to ensure they are not putting their computers, data and identities in danger."
The first iWork version of the trojan has already been seen downloading new code to infected computers, which were used in a DDoS attack on certain websites.