Mac users hoping to download pirated copies of Apple's iWork '09 may get more than they bargained for thanks to a Trojan Horse that's embedded in versions of the app suite available from BitTorrent sites. According to the security company Intego, the Trojan Horse installs an application that could allow an attacker to remotely perform actions via the Internet on the user's Mac.
The Trojan, dubbed OSX.Trojan.iServices.A, is included as a payload in otherwise normal iWork installers, so users may not be aware that they have also installed malicious code on their Macs. Users that have downloaded and installed a pirated version of iWork '09 can check for iWorkServices in /System/Library/StartupItems. iWorkServices is the malicious payload that's installed along with iWork.
OSX.Trojan.iServices.A is not a virus and requires user interaction for installation. The best way to avoid installing malicious applications on your computer is to avoid pirated software, and to stay away from software sources that aren't trustworthy -- like warez and pirated software Web sites.