Well if they put a backdoor they might only put in Winblows client which is easy to fool people. I find it hard to believe this is anything but a classical backdoor maybe sending list to gov. of who is using the software. Told you : don't use the official client !
Why would the official client be any less safe than a third party client? And I didn't catch this for a week, it was letting the connection through for that time and I've had no unusual activity with my wallet - though I did transfer most of the coins as soon as I found it and blocked the port. I was concerned when I first saw an IRC connection also, but that turned out to be a proper connection. It may help if someone else can duplicate it on any os.