Mac Trojan: OSX.RSPlug.A

November 1st, 2007

MacDailyNews reports on a news release from a security company called “Intego” about a new trojan horse aimed at Mac users. The Trojan, dubbed “OSX.RSPlug.A” (a variation of “Zlob”), is malware, and is real. So, has the Mac’s famed security failed? Well, not quite. Trojans are the easiest form of malware to produce, because they don’t so much defeat a computer’s security as circumvent it by having you open the door and usher them in. There’s no static security system in the world that can protect against a user personally installing the malware. If you think that you might fall for such ploys, then perhaps it is time for antivirus software on your Mac. Nevertheless, the risk is exceedingly low.

In order to get stung, you have to visit a porn site and try to see a porn movie–only to be told that your version of QuickTime doesn’t have the right codec. The user must then accept a download (“ULTRACODEC4313.dmg”), run the installer, and give the administrator password. The worst that can be said is that at no time does the Mac OS say, “Hey! You’re about to install a trojan!” As MacDailyNews puts it:

Of course, Intego says that “the best way” to protect against this exploit is to purchase and run Intego VirusBarrier X4 with up-to-date virus definitions, but we suggest that an even better way to protect against such trojans is to use your head and not download, authorize, and install software from porn sites.

And that’s what it really comes down to: common sense.

If installed, the trojan will not erase files or send your private information anywhere, nor will it use your address book to propagate–it only propagates by having users download and install it. However, it will hijack your Mac’s DNS settings so as to lead you to bogus web sites. Web searches or clicked links may be redirected to porn or phishing sites. This could be bad if you try to go to the real eBay or your bank site and are redirected to a phishing site that pretends to be eBay or your bank. However, the chances are that by the time you would want to visit such a site, you would have already noticed that your browser is being hijacked to all those porn sites.
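
As an added example (not part of the original post, and not Intego's or Macworld's tooling), here is one way to check for the DNS change described above: a Python parser for the output of macOS's `scutil --dns` that reports nameservers outside the networks you expect. The sample output and the `EXPECTED` networks are constructed for illustration; replace them with your own router and ISP ranges.

```python
import ipaddress
import re

# Constructed sample of `scutil --dns` output (documentation address ranges).
SAMPLE_SCUTIL_DNS = """\
DNS configuration

resolver #1
  search domain[0] : home.example
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.53

resolver #2
  domain   : local
"""

# Assumption: networks this machine's resolvers should belong to.
EXPECTED = ["192.168.1.0/24", "198.51.100.0/24"]

RESOLVER_RE = re.compile(r"^resolver #(\d+)")
NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)")

def parse_resolvers(text):
    """Return {resolver number: [nameserver strings]} from scutil --dns text."""
    resolvers, current = {}, None
    for line in text.splitlines():
        head = RESOLVER_RE.match(line)
        if head:
            current = int(head.group(1))
            resolvers[current] = []
        server = NAMESERVER_RE.match(line)
        if server and current is not None:
            resolvers[current].append(server.group(1))
    return resolvers

def unexpected_nameservers(text, expected=EXPECTED):
    """List (resolver number, address) pairs outside the expected networks."""
    nets = [ipaddress.ip_network(n) for n in expected]
    findings = []
    for number, servers in parse_resolvers(text).items():
        for server in servers:
            try:
                addr = ipaddress.ip_address(server.split("%")[0])  # drop IPv6 scope id
                ok = any(addr.version == n.version and addr in n for n in nets)
            except ValueError:
                ok = False  # an entry that is not an IP address is reported too
            if not ok:
                findings.append((number, server))
    return findings
```

On a Mac, pass it the live configuration with `subprocess.run(["scutil", "--dns"], capture_output=True, text=True).stdout`; any pair it returns is a resolver you did not configure and should trace back to its source.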

So far, there is only one reported case of the trojan hijacking someone’s system, though admittedly there may be lots more who simply don’t want to advertise that (a) they visit porn sites and (b) were dumb enough to fall for this particular trojan.

Rob Griffiths at MacWorld explains everything, including how to remove the trojan without having to buy antivirus software.
