Unfortunately, it looks like Mac OS X users are going to have to wipe off at least one smug smile of superiority. For some time now, Mac people have touted the vastly increased security that comes from owning a Mac, and this bragging has always been backed up with one vital statistic: there are no major viruses or trojans that affect Mac OS X.

All that now is coming to an end. As has recently been reported all over the Mac blogosphere, a new trojan has created the first-ever Mac botnet, which has been actively working on the internet since infiltrating unsuspecting users computers in January via pirated iWork ‘09 installers leaked to torrent trackers and binary newsgroups.

Have you been infected? The Apple Blog shows how to check, and includes a guide to cleaning the malicious crapware off your system. The article shows a few quick terminal commands for checking if the trojan exists on your system. It also gives a link to a free utility from SecureMac for wiping the trojan away.

Of course, this particular trojan certainly relies on user intervention in order to gain access to a computer. In that regard “iworkserv” demonstrates an old truth of computer security: you can build the most reliable, secure system possible, but that system can still be compromised so long as a malicious application can persuade a user to give up his or her administrator password.

It seems that the promise of quick and free Mac warez, coupled with a false expectation of security, led to this botnet. Paying closer attention to what you download and where it’s from is a good way to maintain good system security. Also, staying away from warez is usually a good idea. So perhaps a lesson to Mac users is: be careful what you download. It’s something that the Windows world has had to live with for a long time.

If you enjoyed this post, make sure you subscribe to my RSS feed!