2009
Discovered by Symantec in 2009, iWorkS was first identified in a version of the iWork 09 suite that popped up on file sharing sites with a trojan horse added to the installer. The incident was noteworthy for a few reasons: iWork is and was a fairly popular software suite, and, according to Symantec at least, the deepening recession at the time was causing more and more users to pirate software rather than pay for it. The real danger though, was the software actually worked. The trojan was packaged with the actual iWork application, so the Mac users, many of which do not use an antivirus solution, would have no reason to suspect that their machines had been infected because of the download. The trojan itself communicated with a remote server and was intended to scan machines for data, and track Internet history and keystrokes.
