First spotted in January, the trojan had been bundled into copies of pirated MacOS software.
At the time of discovery, researchers noted that the malware payload included tools which could allow an attacker to remotely take control of an infected system. Now, it appears as if those components are being put to use.
In a recent article, Symantec researchers Mario Barcena and Alfredo Pesoli reported that systems infected by the trojan have been used in at least one denial of service attack. Other users are also reporting that their systems are displaying activity caused by the malware.
News of the botnet marks what experts have warned is a small but growing crop of malware which targets OS X systems.
"Quite frankly there is not any functionality in this 'bot' that we have not seen before," noted McAfee Avert Labs head of research and communications Dave Marcus.
"The only thing of concern here is that it does affect the Mac platform which certainly is fresh territory."
Marcus recommended that Mac users avoid installing pirated software applications and install antivirus software to guard against infection.