AppleScript.THT comes either as a 3.1 MB application dubbed AStht_v06 or as a 60 KB compiled AppleScript script called ASthtv05. Once a user downloads and runs one of those executables, their system is infected.

The Trojan allows malicious users to transmit system- and user- passwords, at the same time avoiding detection by opening ports in the firewall and turning-off system logging. In addition, it can log keystrokes, take pictures with the built-in Apple iSight camera, take screen-shots, and turn on file-sharing.

Like any Trojan horse, AppleScript.THT does not spread on its own but relies on user actions, such as downloading and launching, to infect a machine. Trojans can also be silently introduced on a computer if it’s injected after a successful attack using another vulnerability, such as a browser bug.

Ironically enough, the best defense against this threat is to turn on Remote Management in the Sharing Preference Pane — having the feature enabled thwarts an attack.

———————–
Make sure your PC is free from dangerous Adware and Spyware. Click here for a free scan

A large security hole in the Windows version of Safari has security researcher Nitesh Dhanjani believing that malicious users could exploit the browser with what he calls a “Safari Carpet Bomb”.

“This can happen because the Safari browser cannot be configured to obtain the user’s permission before it downloads a resource. Safari downloads the resource without the user’s consent and places it in a default location (unless changed),” Dhanjani said, warning that it could be used as a drive-by malware distribution mechanism.

Although Dhanjani praised Apple’s security team for its rapid response to his queries, he also noted that the Cupertino, Calif.-based computer and consumer electronics maker passed on updating Safari to lock out such attacks.