The Mac OS X 10.6.4 update is the first to update Snow Leopard’s XProtect Trojan Horse database, adding support for detecting the HellRTS (aka OSX/Pinhead). This Trojan conceals itself as a copy of iPhoto, distributed via BitTorrent and other P2P services. Once infected, hackers can send span from your Mac, take screenshots, and access your files and clipboard.
As a reminder, Snow Leopard’s XProtect feature scans mounted DMGs downloaded using Entourage, Safari, Mail, Firefox, Thunderbird, and iChat. If the DMG contains a known Trojan horse, XProtect will displays an alert prompting you of the risk and recommending that you eject the disk image.