Users who recently decided to pirate a copy of iWork ’09 might end up paying the price after all. A security alert was recently issued for Mac users who installed pirated versions of iWork, noting that the pirated version of Apple’s competitor to Microsoft Word contains a dangerous trojan horse.
Reports indicate that over 20,000 copies of the pirated software have already been downloaded. As an aside, I’m genuinely shocked that there are 20,000 people who are so keen on iWork that they decided it was worth downloading for free. Since when did word processing and spreadsheets become so alluring?!
The trojan horse launches when the iWork installer is first run, and according to Macworld:
The malicious software connects to remote servers over the internet, so a malicious remote user will know that the program has been installed. The malicious user will be able to connect to the infected Mac and perform various actions; the Trojan horse may also download additional components to an infected Mac.
Wiping your system clean of the trojan is no easy task, and for the time being, infected users might find that their best bet is to do a clean install of their OS. To find out if you’ve been infected, Macworld suggests the following:
Look in /System/Library/StartupItems for an item named iWorkServices. If it exists, you’ve been infected with this Trojan horse.
Easy enough. And let this be a lesson to all you pirates out there – it’s one thing to pirate music, movies, and TV shows, but when you pirate iWork, you better watch your back!
Lastly, if you’re one of the unlucky saps who got infected, SecureMac has released a free tool to remove the iWorkServices Trojan Horse called iWorkServices Trojan Removal Tool. Check it out.