THE headlines seemed designed to alarm Mac users.

?Virus found in pirated copies of iWork ?09" and ?Mac pirates catch cold,? news sites blared last week. These were followed quickly by ?Second Mac trojan attacks pirated Photoshop CS4.? From these, it was just a hop, skip and jump away to ?Mac malware tide on the rise.?

Coming just a few days apart, these headlines seemed to portend a tidal wave of malicious software that was about to pummel and sweep away unsuspecting Mac users. Comeuppance for years and years of smug complacency, some Windows users clucked. Now that the Mac is gaining market share, expect more such attacks, others warned.

The truth was a little less exciting than the hype.

Here are the facts.

Both reports came from the same company, Intego, a Texas-based company that specializes in security and anti-virus software for Macs. In both instances, the malicious software was a trojan horse, not a computer virus.

The distinction is subtle but important: a computer virus can replicate itself by transferring its code from one infected computer to others over a network or removable media such as USB drives. A trojan does not have this ability and can only be installed if a user is tricked into installing it.

In the recent cases reported by Intego, the malicious software was found in pirated copies of Apple?s iWork 09 and Photoshop CS4 on BitTorrent trackers and other pirate sites.

OSX.Trojan.iServices. A is secretly installed as a startup item when a user gives his permission to install an infected copy of iWork. From there it can make changes to the operating system and connect to remote servers over the Internet to download more components to turn the computer into a part of a bot network.

OSX.Trojan.iServices.B, found on pirated versions of Adobe Photoshop CS4, is hidden inside a companion program that generates a serial number that is needed to install the application. Once installed, the trojan connects to the Internet, enabling a remote server to take control of the infected host.

Some 20,000 people have downloaded the infected iWork 09 while nearly 5,000 have downloaded the infected Photoshop, Intego reported.

Serious as the potential effects of these new trojan horses might be, the reports did not trigger any major alarm among Mac users.

On the Philippine Macintosh Users Group mailing list, the predominant sentiment seemed to be that even Mac users need to be careful where they get their software.

?I have no sympathy for anyone who got infected through a pirated torrent download. Really. you get what you pay for,? one member, mousehole, wrote.

Another member, csc2ky, said: ?Since this one requires the user to enter an admin account password it is very easy for the trojan to enter the system and open more doors for possible attacks. So anyone who is entering the admin password without using software... from a trusted source should rethink his way of computing.?

Of the 40-odd comments, only two said they would look for some kind of anti-virus program.

In the world of Windows, the normal procedure is to scan anything coming from the Internet, csc2ky said.

?But on the Mac, most users tend to open anything and everything without ever thinking it might carry some kind of malware that might hurt our Macs? operating system,? he continued. ?I myself adopted this not-so-smart behavior as well, but will definitely go on the search for some protection now. Better be safe than sorry.?

Armed with knowledge and common sense, most Mac users won?t even need anti-virus software. All they have to do to protect themselves is stay away from pirated software. If they can?t afford licensed software, they should learn to use free and open source alternatives such as OpenOffice and Gimp, which are also available on the Mac.

Of course, the spread of malicious software on the Mac?even on such a small scale?does take away some of the bragging rights about security that the community has enjoyed for years. But Mac users should take solace from the words of Ted Turner: ?If I only had a little humility, I?d be perfect.?

Column archives and blog at: http://www.chinwong.com