The iServices trojan horse that first appeared in pirated copies of iWork '09 appears to have been added to a cracking application that adds serial numbers to stolen copies of Photoshop CS4. The new variant of the trojan horse has been dubbed OSX.Trojan.iServices.B, according to the security company Intego.
The cracking application that installs the trojan horse is bundled with copies of Photoshop CS4 that are available via BitTorrent sites. When run, it creates a backdoor with Root user privileges into the user's Mac, alerts a remote server, and allows a remote attacker to execute commands on the user's Mac.
Like the OSX.Trojan.iServices.A trojan that this new variant copies, it is not a virus and requires user interaction for installation. Avoiding this trojan horse is simple: Don't install software that you don't legitimately own, and avoid Web sites, like pirated software and warez sites, that aren't trustworthy.