OSX/iWorkS-B another Trojan affecting dodgy downloads

Filed Under: Malware, SophosLabs

SophosLabs heard some reports today regarding another Trojan affecting dubious downloads from torrent (Intego and Graham Cluley). This Trojan, OSX/iWorkS-B, is affecting Adobe Photoshop CS4 downloads on torrent.

OSX/iWorkS-B has a similar modus operandi to OSX/iWorkS-A.

The differences mean that for the disinfection you will need to kill the service DivX instead of iWorkService.

sudo killall -9 DivX

Plus remove the folder /System/Library/StartupItems/DivX

sudo rm -rfd /System/Library/StartupItems/DivX

Network administrators who monitor network traffic should look for traffic to:

*freehostia.com:1024

OSX/iWorkS-B is yet another reason to have a security program on a Mac.

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s