Most of the examples of Mac malware that have surfaced recently (like OSX.Trojan.iServices.A and OSX/RSPlug-F) are actually Trojan horses that are distributed via P2P networks, packaged with commercial software.
Sophos notes that Tored-A is different from the other recent Mac malware that has been discovered:
...it is an email-aware worm which attempts to scoop up email addresses from your infected Mac computer and forward it to others.
Luckily, the worm’s buggy code renders it ineffective, leading Sophos' Graham Cluley to call it "a lame email worm for Mac OS X," adding:
...it is unlikely that you will ever encounter it, even if the author had taken the time to correct the many spelling mistakes in the emails it tries to send. So don’t lose too much sleep.
I don't plan to lose too much sleep over Tored-A, but what does cause me to toss and turn at night is that the era of Apple's "security by obscurity" may be coming to an end. As the Mac, iPod and iTunes continue to gain market (and mind)share I'm sure that there's a virus writer out there who'd love to be able to take credit for building the first major piece of malware for Mac OS X.
While Tored-A looks like a dud, the other shoe could drop any day. Should Mac users be scared of the increasing threat of malware? Or is this a nefarious attempt to sell anti-malware software to the Mac faithful? Sound off in the TalkBack.