A new variant of an Apple Mac Trojan Horse is now attacking pirated copies of Abode Photoshop CS4. While the actual Macintosh PhotoShop installer is clean, the Trojan horse is found in the crack part of the application that serializes the Adobe produc
Network security firm Intego has discovered another Apple Mac Trojan horse which is spreading itself through pirated copies of Adobe Photoshop CS4. When the Macintosh user runs the crack program to serialize the Adobe product, a Trojan horse is installed which compromises with network security and the computer.
“This new Trojan horse, OSX.Trojan.iServices.B, like the previous version, is found in pirated software distributed via BitTorrent trackers and other sites containing links to pirated software. OSX.Trojan.iServices.B Trojan horse is found bundled with copies of Adobe Photoshop CS4 for Mac,” Intego said in a statement.
Apple Mac users who don’t won’t to pay for software often try to find pirated copies. The Macintosh user will run a crack program which then installs the Trojan horse that can run as botnets on their computer. Botnets then connect to other servers waiting on instructions to steal identities or to distribute denial-of-service (DDOS) attacks.
A recent Trojan horse was also found over the weekend in pirated copies of Apple iWorks 09. These Trojan horses have the ability to open backdoors in the computer which gives access to Internet intruders. This also compromises with network security and could potentially harm the Apple Mac computer.
“The crack application extracts an executable from its data, than installs a backdoor in /var/tmp/, a directory which is not deleted when the computer is restarted. If the user runs the crack application again, the Trojan horse creates a new executable with a different name; these random names make it harder to ensure safe removal of the malware,” Intego said.
The Adobe PhotoShop CS4 crack application then prompts the Mac user for the administrator password. This executes a backdoor with complete root privileges. While it allows the use of PhotoShop, the Trojan runs as a service and will make periodic connections to two servers.
Some computer users take the chance to install pirated copies of software to avoid paying for the product. These Trojan horses and worms do spread across the Internet and will harm other potential victims. It is not worth the hassle or risks.