
The productivity suite was reported s being “complete and functional”, but also having one extra feature: an additional package called iWorkServices.pkg. The package is installed alongside the suite ( the Trojan installer is launched when the user begins the installation of iWork) and will be added as a startup item.
The malware will be given read-write-execute permissions for root, will connect to a remote server and further download whatever malicious software its creators might desire.
Intego notes that over 20,000 Mac users have already downloaded the infected pack (and most possibly got infected).
Be the first to write a comment.