Two Mac viruses were discovered over the weekend. SecureMac and Intego Security reported that Trojans in the wild have the potential to cause serious damage to Mac desktops. One comes wrapped in a poker application and the second, and more nefarious, takes advantage of the ARDAgent.

AppleScript.THT comes either as a 3.1 MB application dubbed AStht_v06 or as a 60 KB compiled AppleScript script called ASthtv05. Once a user downloads and runs one of those executables, their system is infected.

The Trojan allows malicious users to transmit system- and user- passwords, at the same time avoiding detection by opening ports in the firewall and turning-off system logging. In addition, it can log keystrokes, take pictures with the built-in Apple iSight camera, take screen-shots, and turn on file-sharing.

Like any Trojan horse, AppleScript.THT does not spread on its own but relies on user actions, such as downloading and launching, to infect a machine. Trojans can also be silently introduced on a computer if it’s injected after a successful attack using another vulnerability, such as a browser bug.

Ironically enough, the best defense against this threat is to turn on Remote Management in the Sharing Preference Pane — having the feature enabled thwarts an attack.

———————–
Make sure your PC is free from dangerous Adware and Spyware. Click here for a free scan