hairyfeet writes "Showing that the Apple Macs increased popularity has made it a more appetizing target for hackers, The The Washington Post is reporting that a new exploit tool released recently to exploit ARDAgent has been distributed until earlier today through an online forum for Mac Hackers.
After analysis of the exploit code noted security researcher Dino Dai Zovi stated this exploit is designed to be bundled into any legitimate downloadable Mac program,turning an otherwise legitimate program into an exploit toolkit capable of turning control of the computer over to hackers. According to Mr. Dai Zovi the program tries two different exploits to install itself without requiring the users username and password, the above mentioned ARDAgent and a privilege escalation vulnerability pacthed by Apple in 2006. Once installed it drops a keystroke logger called logext onto the infected system,followed by installing a listening VNC server to allow the attacker remote access."
Link to Original Source