Initial reports about the worm indicated that it was distributed as a codec on a porn website that was advertised in spam messages posted on Mac bulletin boards.
The attackers behind the sites crafted the malware to detect the visitor's operating system, allowing them to serve a tailor-made exploit and guarantee a higher rate of infections.
McAfee confirmed that, as reported earlier by Intego, the Trojan infects Mac users with a DNS Changer which redirects web traffic from legitimate sites to either phishing pages or sites that serve ads.
Although the Trojan is being distributed by more sites than originally believed, Marcus noted that there are still few actual infections being reported.
The Trojan is believed to be the first functional piece of malware to be released for OS X.
How it fares could determine whether other malware authors follow suit, according to Marcus. If the Trojan is successful at infecting machines, malware writers are bound to repeat the attack method.
"Ultimately, if the malware is successful and it can make the malware writer money on the Mac platform, it could catch on," he warned.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff