In less than a week, two different forms of Trojan horses have invaded
Macs whose users downloaded pirated copies of first Apple iWork 09 and
now Adobe Photoshop CS4.
As of Monday morning, 21,000 people had downloaded the first Trojan
horse in a pirated copy of iWork, according to Intego, a UK-based
developer of privacy and security software
for the Mac. The second Trojan horse in a pirated copy of Photoshop had
been downloaded 5,000 times.
"If we extrapolate the total number, it is twice that," said Peter
James, a spokesperson for Intego. The company is warning Mac users to
avoid downloading pirated software.
Security analyst Jose Nazario of Arbor Networks advised, "Pay for your
software. It is not antivirus, it is not patch. There is no
vulnerability other than your gullibility."
Backdoor Installed
The Photoshop Trojan horse, OSX.Trojan.iServices.B, is considered
a serious threat and is found in pirated software distributed through
BitTorrent trackers and other sites with links to pirated software. The
malware is bundled with copies of Adobe Photoshop CS4 for Macs through an
application that serializes the program.
Users who download the pirated software will first run a crack
application that installs a backdoor director. Once installed, the
malware sends an alert to the creator, who can then connect to the
infected Mac and take control.
Because the Trojan horse creates a new attack with a different name, it's more difficult to remove.
"The software installed could do a whole lot of stuff and can be
downloading new or totally different software, and leaves open the
possibility of keystroke loggers," James said.
"Basically it forces computers to join a peer-to-peer botnet," Nazario
said. "If they want to install DDOS agent, which is one of the things
they can do with a botnet -- they can do that."
And they have, according to James, who said his company has watched computers actively participating in DoS attacks.
A Market for Malware
Nazario said the motivation behind the attacks is hard to read. "I
don't think it is necessarily targeting pirates; rather, it is more of
proof of concept on the Mac," he said. "It is someone exploiting the
Mac."
James has his own theory. "People out there in the malware industry are
realizing that by not targeting the [Mac] market, they are missing out
on an incredibly large market share," James said. "Mac people have been
in the minority for some time and the Apple market share is growing
quarter to quarter."
Malware coders may also realize that the Windows market is increasingly difficult to penetrate, according to James.
"Mac users have been complacent and don't have the reflex that Windows
users have," he said. "People behind malware realize the Mac users are
not security savvy."