SecureMac, Inc.

Malware Library. Threats targeting Macs.

Mac malware exists in all shapes and sizes and new digital parasites evolve every day. Whether it’s adware, trojan horses, keystroke loggers, viruses or other spyware, stay up-to-date and discover more information about the latest threats targeting your Mac here.


also known as OSX/ARDScript.A, OSX/Hovdy.A

    • Type:
    • Trojan Horse
    • Platform:
    • Mac OS X
    • Last updated:
    • 02/09/16 9:14 pm
    • Threat Level:
    • High


AppleScriptTHT is a trojan horse. First spotted in the wild in 2008, the malware was discovered when it was offered for distribution on a hacker website, with site forum members discussing possible delivery vectors which included the messaging app iChat and the filesharing service LimeWire.

In order to become infected, a user must first download and launch AppleScriptTHT. Once installed, the Trojan exploits a vulnerability in the Apple Remote Desktop Agent in order to gain administrative privileges on the infected Mac. It then enables file sharing, web sharing, and remote login. The Trojan runs quietly on the system, allowing a malicious actor to access the computer remotely, capture passwords, log keystrokes, operate the camera, and take screenshots.

AppleScriptTHT evades detection by opening ports in the computer’s firewall and disabling system logging. Originally released as uncompiled source code, the malware was subsequently repackaged either as a compiled AppleScript named ASthtv05 or as an app bundle named AStht_v06.

AppleScriptTHT Threat Removal

MacScan can detect and remove AppleScriptTHT Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Download MacScan

Get the latest security news and deals