A rare Mac OS X Trojan has been spotted on the internet. The AppleScript-THT Trojan horse exploits a vulnerability within the Apple Remote Desktop Agent to load itself with root privileges onto compromised Mac machines. The malware, which is capable of infecting Mac OS X 10.4 and 10.5 boxes, surrenders control of compromised systems to hackers.
Keystroke logging on compromised systems, taking pictures (using the built-in Apple iSight camera) or capturing screenshots are among the hacker exploits enabled by the malware, Mac security outfit SecureMac reports. The malware weaves its malicious spell while attempting to remain undetected by opening ports in the firewall and turning off system logging.