A new version of the Mac OS X Sabpab Trojan malware has been discovered that targets computers using compromised Word documents.
Security firm Sophos reported finding the Trojan in a blog post, warning that the modified Sabpab installs malicious code after users opened the corrupted file.
Once installed, Sabpab is able to scour infected devices for potentially sensitive information, as well as installing other code.
Sophos spokesman Graham Cluley said the Trojan is particularly dangerous as it doesn't require the user to do anything other than open the infected document.
"Mac users may be caught out by the attack, as there is no prompt to enter your username or password when the malicious software installs itself onto your Mac," said Cluley in a blog post.
The news that Sabpab is infecting computers through Word documents is a marked change from the original malware, which related to the Java vulnerability exploited by the Flashback botnet.
Cluley said the malware's evolution is proof that Apple devices are no longer safe from hackers.
"Any Mac users who believe that they have protected themselves because they don't use Java probably needs to realise that that's not an effective defence," he said.
"And although there's no reason to believe that this attack is widespread, it's clearly time for some people to wake up to the reality of Mac malware."
V3 contacted Apple for comment but had received no reply at time of publication.
Earlier this month, researchers uncovered malware, dubbed BackDoor.Flashback.39, which, according to statistics published by Russian security firm Doctor Web, has already infected roughly 600,000 Mac computers.
The newest version of the Flashback Trojan is believed to have been active since 2011. The malware targeted an unpatched Java vulnerability within Apple's Mac operating system.
Apple's initial OS X update addressed 12 separate vulnerabilities in the OS X version of the Java platform, hampering the malware's ability to spread.
Apple has since promised it will release a further protection tool that will actively scan and remove the malware from infected computers.
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal
Microsoft, Google and Samsung all targeted as Avast admits to the scale of the CCleaner compromise
Not all loose ends tied yet, admits Bain backer SK Hynix