A security firm claims it has uncovered variants of a Trojan horse that targets computers running Mac OS X 10.4 and 10.5. The Trojan requires a user to download and open the file for it to work. The Trojan takes advantage of a vulnerability in Apple's remote Desktop Agent that allows it to run with root permissions. Once installed, the malware can allow remote access to the infected machine, capture and relay passwords and log keystrokes.