SecureMac last week posted a warning regarding a Trojan horse, AppleScript.THT, which affects Mac OS X 10.4 and 10.5.
SecureMac is a company that specialises in making anit-spyware software for Macs. The company posted a warning last Thursday detailing AppleScript.THT.
According to SecureMac, the Trojan gives hackers remote access to your computer and lets them do a whole bunch of stuff with your machine that you would no doubt be unhappy about. This includes logging keystrokes, taking pictures with the built-in iSight camera, taking screenshots, and turning on file sharing, not to mention transmitting system and user passwords.
SecureMac says the Trojan is currently being distributed from hacker websites and discussions on these sites suggest distribution through iChat and Limewire. Users must download and open the Trojan in order for their PC to be infected. AppleScript.THT is distributed as either a compiled AppleScript, called ASthtv05 (60 KB), or as an application bundle called AStht_v06 (3.1 MB). Upon download, the Trojan will move itself to the Library/Caches/ folder and add itself to the System Login Items.
The warning page advises users to run MacScan 2.5.2. Click here to read the advisory.
The warning comes the day before Apple patched a “Carpet Bomb” bug affecting users running the Safari browser on Windows and allowed attackers to download files onto a users desktop without their knowledge. Click here to read more.