I'm just utterly amazed at how many people on here are throwing around terms like "idiot" and "moron" in regards to trojan malware. The entire concept of a trojan is that it resembles legitimate software (when done "properly", it's EXACTLY IDENTICAL in appearance). Web sites can be hacked and hijacked. Legitimate software can be redirected to trojan versions and the poor souls that happen to download what they believed was the legitimate software from a legitimate web site before it's detected are real victims and they are NOT "morons".
All the people in this thread that think it could NEVER happen to them are like people living in the desert that think their house couldn't possibly be flooded because it hardly ever rains. The sheer amount of ignorance on this subject is simply astounding. You're sitting there behind your keyboards reading about what sounds like someone logging on to "Trojan.com" and purposely downloading a trojan and then installing it. I see lists of things to do that act like Apple's so-called "warning" of "Gee, this program was downloaded off the Internet; you sure you want to run it" is some kind of malware detector? Bullcrap. It says that for trojans and legitimate software alike. Gatekeeper's only function is try and get you to buy all your software from Apple's App store. I guess that's what you all must do since otherwise, you'd be terrified to actually click "OK" after that warning, which you MUST do in order to install ANYTHING (legit or otherwise) off the Internet. Apple's malware detection tools are ONLY useful AFTER they've added the new definition. If you get it before then, tough luck.
But nevermind all the exploits that have been found in things like Java, Flash, Webkit, etc. over the years; yeah you got lucky someone didn't take full advantage of it; but no...it's because you're too smart! Those people MUST have been "morons" or "idiots", right? Yeah, right. It's often the ones who think they couldn't ever fall for something that are particularly vulnerable because they become careless. If an anti-malware program becomes available, they won't bother to install/use it because they think they're too smart for the criminals out there. Yes, I'm sure none of you have ever visited anything but large corporate web sites and your kids have never surfed anywhere but legitimate sites too and no such web site has EVER been hijacked or hacked in the history of the Internet....
And so you ONLY install certified software and/or Apple App store apps? You sure have a limited selection to pick from.