New Mac Trojan Comes In Adobe Photoshop CS4
Distributing malware aimed at Apple computers seems to be popular nowadays: a new Trojan has been discovered to lurk on the web, only a few days later after the malware infecting iWork 09.
January 28, 2009
As expected, the Trojan itself is found in a crack application that serializes the program, while actual Photoshop installer is clean. When launched, the crack will ask the user to input the administrator password, thus granting the malware with root privileges.
Then, it extracts an executable from its data and installs a backdoor in /var/tmp/, a directory which is not deleted when the computer is restarted. Even worse, if the crack is to be run again, it will create a new executable with a different name, making it much harder to be detected and removed.
According to Intego, 5,000 people had already downloaded the infected application.