Last week, IT security specialists announced the discovery of a Mac Trojan that could affect machines running Mac OS X 10.4 or 10.5.

On Thursday, SecureMac researchers released a statement saying that the "AppleScript.THT" Trojan was being distributed from a hacker’s website. The same online location was also hosting discussions with regard to ways of spreading the malware through programs such as iChat.

At the end of May, Apple released a massive security update for its Mac OS X 10.5.3, that took care of more than 40 compatibility and security flaws that were affecting a series of applications, including Address Book, VoiceOver, AirPort, Automator, Parental Controls, Spaces, Time Machine, iCal, iChat and Mail.

This was the third upgrade Leopard has received since its launch in October 2007. In the second half of March 2008, Apple released an impressive set of patches fixing no less than 93 vulnerabilities, which had been discovered up to that point in almost every component of its operating systems. It seems all this wasn’t enough though.

SecureMac people consider the threat posed by AppleScript.THT as critical. The Trojan takes advantage of an Apple Remote Desktop Agent (ARDAgent) vulnerability.

On Wednesday, Slashdot.org posted an anonymous article which contained several details of the ARDAgent vulnerability. Intego has issued a warning which says that the Trojan may cause a wide range of problems, such as modifying system settings or, in the worst case, deleting all of the user’s files.