Mac trojan horse discovered in pirated Photoshop  

Posted by: shilpz in , ,

Security software firm Intego reports that pirated copies of Adobe Photoshop CS4 may contain a variant of the “trojan horse” malware first reported in copies of Apple iWork ‘09 last week.OSX.Trojan.iServices.B is what the malware is being called. It affects some copies of Adobe Photoshop that are being distributed through pirate software sites. According to Intego, “The actual Photoshop installer is clean, but the Trojan horse is found in a crack application that serializes the program.”

The crack application installs a backdoor in the /var/tmp directory, copies an executable to /usr/bin/DivX and saves the root hash password in the file /var/root/.DivX, according to Intego. It then listens on a random TCP port and attemps to make repeated connections to two IP addresses. Intego concludes that the creator of the malware intends to be alerted through this method and may have the ability to connect to affected Macs and perform various actions remotely.

“The Trojan horse may also download additional components to an infected Mac,” reads Intego’s security alert.

Mac users concerned about this issue are advised to install and run security software to protect themselves. Obviously, the best practice remains to only acquire your software legitimately and through trusted sources.

This entry was posted on Monday, January 26, 2009 and is filed under , , . You can leave a response and follow any responses to this entry through the Subscribe to: Post Comments (Atom) .


Post a Comment