SecureMac is offering for download a free iWork 09 Trojan removal tool for those that downloaded and installed pirated copies of the iWork 09 suite.

We reported on the trojan yesterday and it seems as if this one could be seriously destructive. If you’ve downloaded and installed a pirated copy of iWork 09, SHAME ON YOU! Stealing is wrong and you got what you deserved. Now that we have that out of the way, heres the link to the SecureMac removal tool. It goes without say but we’re going to say it anyway: use at your own risk and we are not responsible for any damages that resulted from you downloading and installing pirated software or the use of the aforementioned removal tool.

Tags:trojans

Security firm Intego has issued a security alert for users of pirated copies of iWork 09. According to Intego a new trojan horse, OSX.Trojan.iServices.A, is circulating in copies of the iWork 09 suite that have been posted to BitTorrent and other sites where pirated software is shared. Apparently the software is functional but the installer contains an additional package called “iWorkServices.pkg” which is installed during the iWork installation.

“This software is installed as a startup item (in /System/Library/StartupItems/iWorkServices, a location reserved normally for Apple startup items), where it has read-write-execute permissions for root. The malicious software connects to a remote server over the Internet; this means that a malicious user will be alerted that this Trojan horse is installed on different Macs, and will have the ability to connect to them and perform various actions remotely. The Trojan horse may also download additional components to an infected Mac.”

Let this be a lesson to all you software thieves. If you download and use pirated software you open yourself up to this type of malicious attack. Moral of the story: don’t steal software!

[UPDATE]

MacRumors has posted instructions on how to remove the trojan for those that have downloaded and installed the suite. We still say serves you right!

Tags:trojans

Computer security firm Intego is warning today of MacGuard: a bogus website that claims to sell Mac security software. Once a gullible web surfer gives them credit card info Intego states,

it is likely that you will find additional charges on your credit card. ArsTechnica reports that more than 30 million people have been scammed by such software.

The bogus software claims to search your hard drive for Adware, Spyware and Trojans and then rid your system of these vile, malicious creatures. It also claims to do this in realtime so new threats will never even reach your desktop.

So, intrepid AYAAW readers, beware and be on guard for MacGaurd.

Disclaimer: We here at AYAAW don't use any type of security or virus detection software, just OS X's built in firewall. Seems to us that since there are NO KNOWN viruses and only a couple trojans (which you have to download and install) that can affect OS X there simply is no reason to buy this type of software. Prudent and wise internet surfing is advised and for the love of God don't download anything from an untrusted, unknown website. The biggest threat to OS X users are sites that use social engineering to lure people into downloading and installing malware or to divulging confidential personal information like credit card numbers. Just don't fall for either and you should be fine.

Disclaimer 2: We're not saying not to buy software to secure and protect your Mac. That would be reckless of us and we would never advise that. All we're saying here is that WE don't use this type of software and until there is a credible, non social engineering type threat, we're not going to lose any sleep over it. We practice safe surfing here as we're sure you do.

Tags:malware, trojans, social engineering, phishing

Apple today released Security Update 2008-007 :

Security Update 2008-007 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update.

Click for more info.

Tags:update