Duck and cover, kiddies-- this is not a drill! There's an icky new Trojan floating around out there in Macdom, lurking in the shadows and biding its time... and it's already nuked the data of more than one curious cat. We may not have been able to share in the recent Sasser mayhem (or any of the six kazillion other Windows wormy virusy type thingies that have plagued the industry over the course of the last six minutes), but at least there's some guy out there getting his jollies when all-too-trusting Mac users double-click what they think is a Microsoft app and wind up with most of their data destroyed. We know, we know-- that's the sort of thing you're supposed to expect when running Microsoft software, but this time the data loss doesn't originate from Redmond after all.

See, faithful viewer Stephanie tipped us off to a Macworld UK article about the dodgy app in question, and apparently it's been showing up on peer-to-peer sharing networks "cunningly disguised as a Word 2004 for Mac demo." One reader states that he grabbed the file via Limewire "in the hope that perhaps Microsoft had released some sort of public beta"; after the file was unzipped, it sported a Microsoft icon that "looked genuine and trustworthy," so the hapless victim double-clicked it and subsequently found himself sans one home directory.

Now, maybe we're just naturally suspicious people, but while we feel bad for this guy, it seems to us that there's a sort of Darwinian thing going on here and anyone with a Naïvete Quotient above 130 is being culled from the gene pool. First of all, downloading anything from the peer-to-peer networks with apps like Limewire seems to us to be a sure way to wind up with malware of some sort, or, at the very least, a raging lice infestation and a case of one of those diseases you aren't supposed to talk about in polite company. Secondly, upon spying the supposed Word 2004 demo, the victim proceeded to download it off of Limewire instead of visiting Microsoft's site to get the software from its official distribution point, or, indeed, to check to see if such a demo existed in the first place. (It doesn't.)

Thirdly, the victim apparently thought nothing of the fact that the alleged Word 2004 demo was 108 KB in size; sure, small "web installers" are all the rage these days, but the file size should have triggered at least a little suspicion. Fourthly, the victim judged the download to be safe because its icon "looked genuine and trustworthy," which is, quite frankly, a lousy criterion. Fifthly, we're very glad that after nearly seven years of producing AtAT, we finally got to use the word "fourthly." And "fifthly," too, for that matter.

As far as malware goes, the "how" of this particular specimen is about as subtle as a swift kick in the groin. Whoever slapped it together apparently just banged out an AppleScript that runs the UNIX shell command to delete all files in the user's home directory, saved it as an application, and pasted an altered Microsoft Word icon into its Get Info box-- all of which took about as much finesse and technical ability as throwing a rock at your mom. Still, there's a sucker born every minute, and with the millions of active Mac OS X users out there, obviously at least some of them would fall for this thing. Even the most vigilant and paranoid are going to get suckered once in a while.

Time to buy stock in companies that make Mac OS X backup software?