that, like Flashback,Sabpab doesn't require any user interaction. It exploits the same drive-by Java vulnerability used to create the Flashback botnet.
The newly discovered Sabpab malware is in many ways a basic backdoor Trojan horse. It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do. The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely.
BTW, Sophos offers free antivirus software for Mac home users: Sophos Free AntiVirus for Mac