Saturday, January 24, 2009

Pirated Software with Trojan Hits Mac OSX

People looking to get a copy of iWorks '09 for free got a little more than they bargained when they recently downloaded pirated versions of the latest iWorks application for Mac. The pirated program also contained a trojan which gains administrator access when the software is installed on the system.

The trojan portion of the program installs as a start up service and is called" iWorks Services."
The program then allows the trojan's author to control the machine remotely, having full access to the system. The author is then free to steal what ever information he wants off of your machine, or use it to launch attacks on other computers on the Internet.

So far, on 20,000 Mac users have downloaded the infected software from sites that offer the pirated software. This is a small number but should server as a wake up call to people who want to skirt the system and use pirated software. Really, if you do not want to pay the money, then just go open source and use Linux!

Here is a prime example of why licensed, commercially available software has its place in the market. If you want to get a copy of a particular program, you should stay away from the stuff that shows up on pirate sites. If you use the copyrighted and licensed iWorks program from Apple, then you'll be safe. Just have to pay the cash like everyone.

In theory, the same sort of shenanigans can occur with open source code as well. A malicious developer could attempt to stick something in their program that acts as a trojan. If they do then it would probably be pretty short lived, since it would stick out like a sore thumb to anyone looking at the code. It would be a pretty pointless exercise on their part with nothing to gain, which another reason why the open source model works well in term of system security.

No comments: