Here's a current list of malware for Mac that Sophos has not inflated to sell more crapware.
In 2009, a new Mac OS X Trojan affecting dubious copies of iWork’09 and Adobe Photoshop CS4 started showing up on peer-to-peer (P2P) file-sharing networks.
- iWork’09: The Trojanized copies were found on the PirateBay torrent site as a ZIP file. When this file was unpacked, it gave a proper Mac .pkg file; the iWorkServices.pkg file was an install package for the OSX/iWorkS-A malware. Once the user installed OSX/iWorkS-A, it created several files and triggered a process that enrolled the Mac in a botnet. (A botnet is a collection of compromised computers that have been infected with malware and are under the complete control of the attacker.)
- Adobe Photoshop CS4: Similar to the iWork’09 case, experts discovered a new variant of the Apple Mac iWorkS Trojan horse being distributed via a pirated version of Adobe Photoshop CS4 on P2P sharing networks. It was further found that the Trojan was being distributed through pirated versions of commercial copyrighted software; hence, users who were not downloading software illegally from BitTorrent sites were not at risk of encountering the malware. Infected Macintosh users faced the risk of having their computers remotely controlled by the attacker and used to send spam, steal identities and spread the malware.
Boonana was a multi-platform Trojan Horse which was spread to computers via social networking sites such as Facebook. The malware was discovered by SecureMac in 2010.
Users received a link accompanied by the phrase “Is this you in the video?” This was a trap for curious users: clicking the link downloaded the malicious software to the computer, where it modified system files, settings and other security mechanisms, giving the hackers easy access to the contents of the computer.
A security firm, Intego, found that Boonana was not as scary as expected: it was infested with bugs and could not operate at the level its makers intended.
In 2010, Intego warned Mac users about spyware that was being wrapped in some free Mac apps and screen savers. This happened before Apple introduced its safety apps on the Mac App Store.
In this case the free app contained spyware that made it compulsory for the user to go through a “market research program”. In the meantime it scanned the files on the user’s computer, recorded the user’s online activity and sent all this information to a remote server.
This particular piece of malware had existed since 2008 and had infected several Windows users. It started attacking Mac users in 2010.
MacDefender, a piece of malware, marked the beginning of an altogether new era in the history of Mac malware. The exquisite design of this malware succeeded in convincing users, who easily fell prey to its tricks.
MacDefender posed as antivirus software, and users were required to click on a malicious link to get the software downloaded to their computer. The software then required the user to type in their system password to install this so-called antivirus software.
Once unsuspecting users punched in their system password, the attackers could easily gain access to the victim’s Mac without their knowledge. This malware was discovered in 2011, and Apple then released a series of OS X updates to address MacDefender.
In 2012, the Flashback Malware infected over 600,000 Mac users across the globe.
The malware spread through a Java vulnerability and functioned as a botnet. It posed as an Adobe Flash installer and thus fooled unsuspecting users into downloading the malware.
Upon installation, the malware would start stealing system data such as passwords and other sensitive credentials, including credit card information, and the user’s online searches were redirected to malicious websites.
Apple released a free online removal tool to disable the automatic execution of Java applets to combat the malware. Later, experts also revealed that Oracle had already patched the Java vulnerability a couple of months before it actually hit the Mac; however, Apple was not that quick, and Mac users had to face this malware.
Security researchers from Dr. Web discovered this OS X botnet in 2014; it had already infected more than 17,000 Mac users worldwide. Surprisingly, the infected Macs were able to communicate with the administrators of the malware via Reddit.com at intervals of about five minutes.
2014 also witnessed the WireLurker malware, which existed for a short time. Mac users in China were the ones most affected by this malware.
The malware spread through pirated Mac apps. It was found embedded in third-party applications on unofficial Mac app stores.
Experts found that the malware was able to hop from an infected computer to an iPhone through a USB cable, and it could do so even if the iPhone was not jailbroken.
The third-party app store that spread this malware was eventually shut down, and three criminals responsible for the malware were arrested.
The history of Mac malware clearly indicates that Mac computers and devices are not fortified, and Mac users definitely need to guard their devices with proper antivirus software. One more word of caution to all Mac users: they should never download pirated links or dubious software through any social networking site.
Your best defense against these right now, the proven defense, is to keep the Macs up to date with security patches; most if not all of these threats are already extinguished by OS 10.11.
Also, from the source of these attacks, stay away from pirated software. The legitimate stuff does not appear to have any nefarious payload, and the cost of the software audit's finding when you hit court would be a policy I had on my network before I resort to antivirus on a Mac.