Don’t Open Mac Files Willy Nilly

I found a Slashdot post about 2 Trojans that are a threat to Mac users.  However, don’t panic unless you open files without knowing what they are. :)

F-Secure reports that the first trojan is a proof-of-concept from the MacShadows people that exploits an unpatched Apple Remote Desktop vulnerability.  When run by the user, this trojan gets root access.  Kind of weird.  It must be a little AppleScript written to see if it would work, and then others got ahold of it.  Stupid if you ask me.  But all virus thingys are stupid.

The second is a trojan horse pretending to be a Poker Game for Mac OS X.  The trojan is a shell script inside an application.  The Intego security group states:

“The Trojan horse, when run, activates ssh on the Mac on which it is running, then sends the user name and password hash, along with the IP address of the Mac, to a server. It asks for an administrator’s password after displaying a dialog saying, ‘A corrupt preference file has been detected and must be repaired.’ Entering the administrator’s password enables the program to accomplish its tasks. After gaining ssh access to a Mac, malicious users can attempt to take control of them, delete files, damage the operating system, or much more.”

But this may be so new that my Mac’s virus checking software, Virex, does not recognize these trojans yet.  I checked the McAfee web site and the trojan threat descriptions are nowhere to be found.  It looks like the folks at Slashdot are once again on the cutting edge of the known universe.
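The second trojan is described above as a shell script inside an application, which is something you can check for before opening a download. The following is an added example, not code from this post, Intego or F-Secure: it assumes the standard bundle layout (`Contents/Info.plist` naming the launcher in `CFBundleExecutable`, launcher stored in `Contents/MacOS`), and its function names are made up for illustration.

```python
import plistlib
from pathlib import Path

# Mach-O and universal-binary magic numbers, in both byte orders.
MACHO_MAGICS = {
    bytes.fromhex("feedface"), bytes.fromhex("cefaedfe"),
    bytes.fromhex("feedfacf"), bytes.fromhex("cffaedfe"),
    bytes.fromhex("cafebabe"), bytes.fromhex("bebafeca"),
}

def main_executable(bundle: Path):
    """Return the launcher named by CFBundleExecutable, or None if unknown."""
    info = bundle / "Contents" / "Info.plist"
    try:
        with info.open("rb") as fh:
            name = plistlib.load(fh).get("CFBundleExecutable")
    except Exception:  # missing, unreadable or malformed Info.plist
        return None
    if not isinstance(name, str) or not name:
        return None
    return bundle / "Contents" / "MacOS" / name

def classify(bundle: Path) -> str:
    """Classify a bundle's launcher as 'script', 'macho', 'other' or 'unreadable'."""
    exe = main_executable(bundle)
    if exe is None or not exe.is_file():
        return "unreadable"
    with exe.open("rb") as fh:
        head = fh.read(4)
    if head[:2] == b"#!":  # shebang: the launcher is an interpreted script
        return "script"
    if head in MACHO_MAGICS:
        return "macho"
    return "other"

def script_apps(root: Path):
    """List every .app under root whose launcher is a script."""
    return sorted(p for p in root.rglob("*.app")
                  if p.is_dir() and classify(p) == "script")

if __name__ == "__main__":
    import sys
    target = Path(sys.argv[1] if len(sys.argv) > 1 else "/Applications")
    for app in script_apps(target):
        print(f"script launcher, read it before running: {app}")
```

A script launcher is not malicious by itself, since some legitimate applications use one. It is a cue to read the script before double-clicking, especially for something that claims to be a game.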
