Irssi, an irc-client, has been found exploited. It isn't the binary itself that is backdoored, it is its configuration script. The irssi.org site was cracked, and the distribution tarball was modified. The backdoor creates a connection to another server, and opens a shell on it. So far, no-one reported malicious activities.
Details about the backdoor can be found at the irssi backdoor page.
http://www.security.nl/artikel.php3?id=3080 (in Dutch, incl. forum discussion)