The AppleScript-THT Trojan affects both Mac OS X 10.4 and 10.5. The new malware exploits a vulnerability with the Apple Remote Desktop Agent, thus granting itself root privileges.

The good news is that, for the time being, the only one responsible for the infection is the user himself: he has to download and open the Trojan in order to get infected.

According to SecureMac, the Trojan is currently distributed via a hacker-controlled website, with plans being laid out to further “promote” it via the iChat instant messaging client or the Limewire file sharing software.

Either way, Mac users should be aware of both a 60 KB compiled AppleScript, dubbed Asthtv05, and a 3.1 MB application bundle called Astht_v06.

However, if the infection does occur, do expect the Trojan to perform some (if not all) of the following:
– grant remote access to the system
– log keystrokes and transmit system and user passwords
– take screenshots
– take pictures with the built-in Apple iSight camera
– turn on file sharing
– open ports in the firewall
– turn off system logging