Mac Malware on the Upswing
CUPERTINO, Calif. – A Trend Micro researcher has discovered a new variant of the JAHLAV malware family that infects Apple’s Mac operating system. The new trojan, detected in the wild, is known as OSX_JAHLAV.I. Like its predecessors, it masquerades as pirated versions of legitimate software and can modify system DNS settings. Compromised systems are subject to phishing attacks and surreptitious browser redirection. Unlike previous versions, the new JAHLAV variant poses not only as updated versions of QuickTime, but also as the Foxit Reader PDF viewer and several antivirus applications.
“We can definitely say the myth of [the Mac OS X] being secure [from all threats] is out of the question these days,” Trend Micro researcher Ivan Macalintal told SCMagazineUS.com. “It’s advisable for Mac users to not exactly be as paranoid as Windows users, but they should be on the safe side.”
Macalintal also said most Mac malware resides on file-sharing and porn sites. He cautioned users against downloading any software, including recommended “helper apps” like video players, from any untrusted site.
According to IT Pro, cyber-criminals are only beginning to realize the financial potential of the Mac market. Attacks against the Apple OS will increase dramatically and rapidly unless Apple steps up its security policies, the magazine predicted.
In January, more than 20,000 Mac users were infected with a trojan carried by pirated versions of Apple’s iWork 09 application. The files were distributed via BitTorrent. The trojan allowed its developer to take control of the Mac owner’s computer, hijack information and download additional bugs.
In April, Symantec discovered the first Mac botnet. Infected machines carried out denial-of-service attacks. Many of the infections were acquired at malware-delivery depots disguised as porn sites. Sophos went so far as to present its website users with a humorous video about how Apple users could be trapped into surfing for porn.
“We’re seeing more attacks against Mac users all the time, with hackers planting bear traps that work out if you’re visiting their page on a Windows or Mac computer, and deliver the appropriate malicious payload accordingly,” Symantec’s Graham Cluley told IT Pro.