A new group of cross-platform trojans are masquerading as commercial apps, says security firm Intego. Codenamed OSX/Icefog.A on the Mac, the trojans -- concealed under app names like AppDelete, CleanMyMac, and Img2icna -- secretly copy a backdoor app to a computer when the main app is launched, and immediately try to contact a command-and-control server for instructions by the attacker. The backdoor app, named .launchd.app, incorporates a keylogger and is deliberately concealed during the installation process. It's immediately moved to a separate folder, for instance, and the Dock icon and Command-Tab switching are suppressed.
the trojans represent a "low-risk" threat, as they appear to be part of a "targeted attack." Updated antivirus programs should be able to halt the malware.