But in this particular case, the "try-before-you-buyers" could have satisfied their curiosity without resorting to any illegal activity, by downloading the trial version directly from Apple.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iWork '09 Torrent Carrying OS X Trojan
- Thread starter MacRumors
- Start date
- Sort by reaction score
But in this particular case, the "try-before-you-buyers" could have satisfied their curiosity without resorting to any illegal activity, by downloading the trial version directly from Apple.
Spain, France from this month on, Germany, Sweden (go to the pirate bay and read the letters they received from content producers, they're hilarious) and pretty much all european countries. That is changing, though, because companies are very powerful and there's a lot of money involved.
Anyway, new ways to get the content for free will be found. After all, in Europe downloading "illegal" contents is not really considered illegal by law, but just a civil offense and nobody can go past your data protection rights and figure out your identity behind an IP on the grounds of a civil offense. That's been ruled like that in Spain several times and also the European Union. Besides what Americans think, we still have some respect for personal freedom.
All they can do UK, France and soon Italy, is to order the desconnection of a particular IP from the internet, without knowing who is behind it. They do that know in France after three downloads (if they catch you, which is not so easy because of course it is against the law to monitor your communications and they have to basically get into the download networks and record your IP). There won't be further prosecution on the grounds of a civil offense.
I don't think Apple would want to risk being caught out for DDoSing various websites. There's no conspiracy here.
I doubt this "little man", whoever he is, wrote this trojan for any reasons quite so altruistic. Rather than intending to punish those who torrent, he was using tried and true methods of putting the trojan in something he knew people would download and give their password to without a second thought. This wasn't the work of a Mac vigilante, taking justice into his own hands, just a demented scientist (not really, just drawing from the same metaphor) inject his serum into the food supply of the degenerates of society.
I once felt like you, but there's a post not long after yours that explains my current position far better. Open-source alternatives are a far better option than piracy, and there's almost always a good alternative from the open-source community.
jW
It is a Trojan, not a virus. Don't download pirated software or other unknown software and you don't have anything to worry about.
From the description, it sounds like it doesn't spread at all.
Did you just admit to pirating it? That wasn't very smart.
Regardless of your whining, he IS using the word correctly. Just look it up in a dictionary. And quit being so thin skinned.
You mean safe, other than admitting to piracy on a forum?
While this is on pirated software for now it could be attached to any legit app. Sites could be hacked and it could attached to your favorite software.
Anyone could right apps now and attach the trojan to it themeselves.
There are many ways to spread this trojan that do not involve pirating software.
Anyone could right apps now and attach the trojan to it themeselves.
There are many ways to spread this trojan that do not involve pirating software.
bitching that people download a torrent doesn't really solve anything in my opinion.
I don't really understand Terminal either, so appreciate any more specific instructions for Terminal use -- mostly as an educational tool.
The Pathfinder suggestion is a good one. They offer a 30 day trial.
Also there is a post under Macbytes on this board (here) that sends you to a detection and removal tool, which is free
I don't really understand Terminal either, so appreciate any more specific instructions for Terminal use -- mostly as an educational tool.
The Pathfinder suggestion is a good one. They offer a 30 day trial.
Also there is a post under Macbytes on this board (here) that sends you to a detection and removal tool, which is free
I'm sure glad I don't pirate ANYTHING. I'll admit... back in the day (which was a Wednesday by the way) I used to pirate Apps and Music, but I am older and wiser now... I guess I grew out of it. It makes me feel better when I earn what I have instead of stealing it.
The principle still holds. If you are downloading software written (righten?) by people you don't know or trust, you are taking the risk that it could damage your system. Likewise, if you are downloading what you think is legitimate software but from a site that you cannot trace, you are taking the risk that the software has been modified. There is precious little Apple, Microsoft, linux afficianodos or anyone else could do about it.
The OS or the company that builds the computer is not at fault here. You are - and the person who wrote the trojan. Fortunately, it is pretty difficult to attach a trojan to a DL of legitimate open source software, likewise with software available from legitimate companies. It is reasonably easy to attach a trojan to something made available from untrackable torrents.
For everyone that has downloaded the pirated version, get the Trojan Removal Tool. That should get rid of the iWorkServices Trojan for good.
Sounds like the only people being affected by this would be people who illegally pirated a copy. Can't say I feel sorry for them at all in that case. What's next, people complaining that a vehicle they just stole breaks down on them? 
Serves them right - it's called karma.
In general though, it is good to know that these types of threats exist out there for Mac users - it's important from an educational and awareness perspective to be well informed on these matters.
Serves them right - it's called karma. In general though, it is good to know that these types of threats exist out there for Mac users - it's important from an educational and awareness perspective to be well informed on these matters.
Sounds like the only people being affected by this would be people who illegally pirated a copy. Can't say I feel sorry for them at all in that case. What's next, people complaining that a vehicle they just stole breaks down on them?
In general though, it is good to know that these types of threats exist out there for Mac users - it's important from an educational and awareness perspective to be well informed on these matters.
True that.
These threats are out there but they need user interaction to be installed. You're essentially installing an exploit for your machine. It won't spread simply by using a USB stick.
Lesson to learn. Shell out the money for the legal copy.
Just a comment:
Coming from a Windows world, I am quite impressed that 80% or more users in this thread are:
In many cases, in a normal (Non Hacking) Windows community, about 90% of its users can define on the top of their tongue what the difference between a virus and a Trojan is. And while many Windows users wont admit it, they don't pay for most of their music/software.
I've also noticed that some users in this Mac community seem to be more untrustworthy to pirated software ,than rather respectful for copyrighted work.
Coming from a Windows world, I am quite impressed that 80% or more users in this thread are:
- Against Piracy
- Somewhat illiterate when it comes to Viruses and Trojans
In many cases, in a normal (Non Hacking) Windows community, about 90% of its users can define on the top of their tongue what the difference between a virus and a Trojan is. And while many Windows users wont admit it, they don't pay for most of their music/software.
I've also noticed that some users in this Mac community seem to be more untrustworthy to pirated software ,than rather respectful for copyrighted work.
But very possibly not all the effects of the trojan - you may need to do a clean install to do that.
This Trojan is much more than a little program that hammers some website.
It's a 'bot' controller - it adds the infected computer to a large network of systems that are remotely controlled by a sinister force. It runs with root privilege, so that in essence it can be told to do anything, to download anything, to install anything, to modify anything. It could inject the bot controller into some other piece of software, so that removing iWorkServices doesn't help.
(If it's injected into a common app, you may never see it. Little Snitch may not even help, since you may have given the infected app network access.)
The security companies will be analyzing the situation. You can be sure that right now they have dozens of systems that have been deliberately infected, and they're tracing every action of the trojan. (Note that responsible companies would sandbox the infected app, so that things like the DDOS packets would not be sent to the target website.)
Keep an eye on sites like http://net-security.org/software.php?id=732 to look for new versions of the removal tool. If they see the trojan downloading other apps or making other modifications, the tool might be updated to clean up the secondary damage.
A sinister force? Wow, is that what they're calling basement-dwelling nerds these days?
I think people are losing sight of the fact that this is a rather largely distributed file with a malicious app attached to it. Regardless of if it's pirated or not. What if the guy downloads the demo and installs the virus. He could then get his trojan on all the honest people trying to be safe. I'm pretty sure he's not trying to "teach those dirty pirates a lesson." He just knew that after the release, everyone was going to want it.
From someone who hates virus scans (even on Windows), just don't be stupid. Watch what you download.
From someone who hates virus scans (even on Windows), just don't be stupid. Watch what you download.
The thing is painfully easy and obvious to spot , it put's something into your startup folder that is not hidden
And has an extra package that looks nothing like the normal Iwork one
I genuinely am amused at the hysteria , I've seen people on here suggesting it can "brick" your Mac also , which is ludicrous
And has an extra package that looks nothing like the normal Iwork one
I genuinely am amused at the hysteria , I've seen people on here suggesting it can "brick" your Mac also , which is ludicrous
Actually, according to some security sites, it is a very simple trojan. It just attacks (DoS) a server and is easy to clean with several tools that are already available for free. If it made it to the front page in several places is because is a Mac trojan, not for the technology used.
onslaught
Especially as magnificent a suite that iLife is. Garage band alone is worth the price of entry.
