It's the first issue of the Apple Weekend Warrior and we've got some good stuff for everyone. To kick things off with the new and improved version of the QuickJump QuickPeek feature, we have a healthy dosage of Trojan malware, spiced with Snow Leopards on the side. Confused? Read the full article to get a better idea of what we're talking about.

Mac users beware - the first ever ARDAgent-based Trojan malware was recently identified by SecureMac, compromising the security of the normally airtight Mac OS X system. Known as "AppleScript.THT", the Trojan exploits a vulnerability in the Apple Remote Desktop Agent and allows malicious users complete access to the system. More details about the Trojan can be found in our full article.

In this day and age, thieves have gone high tech as well. Case in point: certain players of Blizzard's World of Warcraft have had their accounts hacked, and the hackers are apparently using virus-infected FRAPS. More viral news follows after the jump.

A powerful new Trojan virus has been discovered. While it's been reported that it can steal almost any kind of information from PCs, it seems to be limiting itself to stealing MMO user account passwords for now. The virus was hidden in digital photo frames that were being sold in Best Buy, Target, Sam's Club, and other retailers. Check out the full article for details.

Heads up iPhone owners! Symantec has just identified and confirmed the iPhone firmware 1.1.3 prep application as the first ever Trojan virus targetting the mobile device.

Although it does not pose a big threat, the application can still remove files on the iPhone rendering valid programs such as Sendfile and Erica's Utilities useless. More information regarding the virus in the full article.

One of the biggest rules about maintaining the security and integrity of your computer is not to access unfamiliar and questionable websites - yes, including those websites that a certain broadway production song proclaims that the Internet is for. While you may have the latest in computer security programs, malicious entities such as Trojan Horses can still slip past our defenses and wreak damage - and it only takes a case of mistaken identity, as the guys over at Intego have found out, having discovered a malicious piece of code that victimizes Mac OS X users.

So just what is this little bundle of bad news all about? A new Trojan Horse was found lurking in several naughty websites, one that tricks you into giving it full access to your Mac by pretending to be a video codec installer and asking for your unit's administrator password.

Should the user be tricked into doing so, the Trojan Horse will then successfully infiltrate the system and mess around with things inside quite a bit. Before we go too much into the technobabble, let's just say that this is a very bad thing, and would have you giving out your private details to people you would not even give your calling card to.

What's to be done, then? Well, to protect yourself from this potential threat, Intego suggests running Intego VirusBarrierX4 with its virus definitions kept up to date. Of course, there's also the deal about never clicking any website link that deems suspicious, even if you've got a hankering for the adult stuff.

In the world of organized crime, nothing is exempt as long as it will further their schemes. In line with this thinking, Symantec warned authorities with the possibility of criminals using online games such as World of Warcraft and Second Life for money laundering purposes. That's another form of online crime apart from piracy.

The two online games' use of microtransaction business models in exchanging virtual items for money makes it possible for organized criminals to "open several thousand MMOG accounts. Each could be used to trade with other players in the purchase or sale of in-game assets, the funds from which would ultimately be withdrawn from the accounts," according to the Internet Security Threat Report from Symantec.

With those myriad of accounts going through millions of transactions, tracing the true source of the accounts will ultimately become near-impossible.

Aside from money laundering, several online games are also being used to spread malicious software in the guise of downloadable updates. Unfortunately, some gamers often disable their security systems in their computers to optimize performance while playing, leaving them open for infections or attacks.

China is most affected by MMOG software attacks, with about 74 percent of the attacks directed towards the country. About 84 percent of Gampass attacks, one of the most malicious trojan codes, originated from China as well.

While there's not much you can do to make sure you account will stay away from money laundering, you can protect your computer from getting infected by making sure your anti-virus and firewalls stay on while you're playing.

From the looks of it, the Blizzard's World of Warcraft MMORPG's forums isn't the only place under siege from key-loggers and trojans. Curse-gaming - another site frequented by WoW's gaming community - has just sent out an urgent message warning members that there have been reports of emails being circulated that appear to have come from Curse's support staff.

The announcement further warned the residents that these bogus messages stated that they carried "updated addons" information, but were really links to downloads to Rapidshare servers with executables. Attempt to click on these emails, and you run the risk of having a trojan infecting your system.

As a further clarification of the fake emails, the staff indicated that only urls that carried official Curse downloads are on curse.com, cursebeta.com, or curse-gaming.com. We advise readers among the WoW gamers to take heed of this warning - keylogging's been on the rise lately, and given how much time and money are spent in creating a character for the game, it doesn't hurt to be extra careful.

 

Word got 'round - and got around real fast - that trojans were attached to the latest Blizzard Downloader and some of the patch executables for World of Warcraft. A couple of spyware detection programs identified malware signatures that spurred concern for computer security buffs in the community.

But Blizzard doused the community buzz down. According to Drysc, the trojan detected is actually a false positive - or a signature that might appear to be a spyware, but really isn't a threat. Blizzard has just recently looked into the issue after receiving the reports and found that it's only tied to a couple of popular malware detection programs.

That said, Blizzard has already contacted the companies of the programs and asked for a fix to address the issue, and some companies are already pushing out their respective definitions that should correct the detection of the false positive. If the developers of your program have not delivered their updates, Drysc recommends concerned users to update once new definitions become available.

Members of the World of Warcraft boards have detected what appears to be a keylogger over at the Icecrown boards. According to Madhava's explanation over at the posted thread, here was how the detected trojan worked:

Its not meant to fool the interceptor, Its meant to fool people. It disguises what website you are actually going to by using those escape functions. Firefox refuses to follow those links (for good reason), but I'm not sure about IE. My computer is pretty secure but I don't want to risk running that site on Internet explorer.

The hijacked site has an embedded link to malicious javascript hosted on a Chinese server. That javascript attempts to exploit the ANI exploit and the Iframe exploit to load a trojan named 'test.exe'.
'Test.exe' is detected by most antivirus as a trojan:
Trojan-PSW.Win32.Agent.im or Trojan.Agent.im
Basically a password stealer for WoW and maybe a backdoor.

Just a quick heads-up for any passing WoW gamers, all the more as keylogging incidents are becoming more rampant. Now, in case the guys here are wondering as to how to protect themselves (and their prized characters) from getting hoodwinked, make sure to check out the various security measures being circulated for your benefit. Play safely.