The Macintosh platform is again under attack by malicious cipher writers. that duration, it’s a Trojan horse that could compromise machines running Mac OS X 10.4 or 10.5.

Antivirus firm SecureMac claims to have discovered multiple variants of a Trojan horse being distributed from a hacker Web site. The site hosts a discussion on distributing the Trojan horse through iChat and Limewire.

The Trojan, distributed as either a compiled AppleScript called ASthtv05 or as an application bundle called AStht_v06, exploits a recently discovered vulnerability with the Apple Remote Desktop agent. The ARD allows the Trojan to run as root.

According to SecureMac, the Trojan runs hidden on a Mac and allows a malicious user complete remote access. The Trojan can transmit system and user passwords, and avoid detection by opening ports in the firewall and turning off system logging. The AppleScript version, SecureMac reported, can plus log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and

turn on file sharing.

Fortifying a Mac

While it’s true that hackers and malware authors target Macs far less frequently than Microsoft Windows PCs, that doesn’t mean Mac users can disregard common sense in securing their computers, according to Carole Theriault, senior safety measure consultant at Sophos.

“In the last 12 months we have seen growing evidence that cybercriminals — although still focusing in the main on the Microsoft platform — have shown an increase in interest in seeing whether there is an opportunity to hack into Mac computers for financial gain,” Theriault noted.

Although the problem is much smaller than on Windows, she added, Mac users would be wise to run an antivirus program, keep up with defense patches, and exercise care about which programs they install.

The Threat Behind the Threat

Sophos has labeled the new Trojan “OSX/Hovdy-A.” According to its monitoring service, the prevalence is…

Orginal post by Top Tech News