To make matters worse, the malware is digitally signed with a valid Apple developer certificate. Intego says that certificate was issued to a “Maksim Noskov.” According to Johannes Ullrich, Ph.D., of the SANS Institute's Internet Storm Center, the security researcher who first spotted the malware, Apple has since revoked that certificate.
Mr. Ullrich posted a video of the malware that he installs on a fresh system so we can see what it does: