After infecting a given Mac, this Trojan is like most: it connects to a remote website using HTTP in typical command and control C&C fashion to fetch instructions from remote hackers telling it what to do. The backdoor contains functionality to take screenshots of the user’s current session, upload and download files, as well as execute commands remotely on the infected machine. Encrypted logs are sent back to the control server, so the hackers can monitor activity.

via New targeted Mac OS X Trojan requires no user interaction | ZDNet.