The activation of a botnet running on OS X clients created news over the past few days. But Mac users should heed the call and realise that root user stupidity can always subvert any security in place.
The fact to keep in mind is that this botnet was installed via pirated copies of iWork and Photoshop — a trojan from the warez side of the internet. Users have chosen to install and trust this software with their super-user password. Nothing has been forced upon them. The OS X security model has retained its integrity, but has been rendered useless by user ignorance.
Should we all be shocked and act like Henny Penny at OS X being compromised? Of course not. The lesson for Mac users is that if you wanna play in the internet's sewer, don't be surprised when bad things happen and software has extra unsuspected malicious functionality.
Instructions have been posted to remedy the problem and are thankfully quite easy — this time.
This event should serve to wake Mac users out of their security slumber. If nothing else happens, Mac users should learn (if they don't already know) the same lesson that PC users know: if you want to install warez, expect to get owned at some point.