[Analemma_]

If you previously establish that the vulnerability was introduced by a third party, then "backdoor" might be an OK term afterward - after the context has been introuced.

In an example without context (like, a headline), "backdoor" strongly implies that it was built by the vendor. I have to disagree with you and concur with the other commenters saying this was a very misleading choice of words by Kaspersky. They should have just said "malware".

[eriknstr]

I agree. My first reaction when I read the headline was, I thought Apple had put it there, which I found disturbing seeing as how Apple has publicly spoken out against backdoors. I think a better title would be something like "Sophisticated OS X Backdooring Malware Discovered". That would make it clear that the backdoor is not present in the binaries shipped by Apple.

[mseri]

Same here. Malicious backdoor or rootkit backdoor would have been more appropriate

[wlesieutre]

I make the same association. A door is part of a building, and is put there during construction (initial release) or in owner-planned renovations (software updates).

I've never heard of someone breaking into a building by cutting a hole into a wall to install their own entry door that they have a key to, but that's the scenario this "OS X backdoor" is describing.