A history of Mac malware: The Apple of a virus developer’s eye

Apple MacBook

Apple Macs are falsely believed to be invincible and completely safe against malware threats and security breaches. But as we recently discussed, this perpetual myth has gradually been broken over the years.

Apple has subtly acknowledged this fact over the last year or so and has made major upheavals in their marketing strategies as a result. In June 2012, the “Why you’ll love a Mac” page on Apple’s official website saw a few minor changes that emphasized this change. Where Apple used to make claims like “Apple’s OS X software doesn’t get viruses” and “Safeguard your data. By doing nothing” they now make drastically contradictory statements like “It’s built to be safe” and “Safety. Built right in.

If you are still not convinced that Apple Macs are also vulnerable to security threats and malware then how would you feel if you knew that a virus affecting Apple computers was developed 4 years before a virus was developed for IBM PCs and Windows in general? Over the years, the Apple Mac has also seen plenty of viruses and worms and given below is a brief history of major malware threats that have targeted the Mac platform.

The most prominent viruses designed for Apple Macs

  • April 2012 – The Flashback malware is perhaps the biggest security threat ever seen on the Mac platform. The malware infected more than 600,000 Macs all around the world and it spread by posing as a fake Adobe Flash update. Furthermore, Apple failed to patch a known Java security flaw for many months and this also led to the propagation of this threat.
  • Flashback malware

  • February 2011 – A Remote Administration Tool (RAT) known as Blackhole allowed remote access to hacked Macs. Later in 2011, fake antivirus posing as MacDefender also surfaced and tricked people into installing the software. Once installed, the program asked for credit card details and other information. In the same year, an infected PDF also started spreading on Macs and this PDF contained news about rising tensions between Japan and China.
  • April 2010 – A potent Trojan that posed as Apple’s iPhoto application was discovered. Additionally, another Java worm known as Boonana was also found. This worm was not just restricted to Windows, it attacked the Mac and Linux platforms as well.
  • August 2009 – For the first time, Apple’s OS (Snow Leopard) provided built-in antivirus protection for Mac users. Though the feature was not very comprehensive, as it could not provide a system cleanup nor could it prevent threats from USB devices, it was a clear sign of recognition from Apple that Macs are not invulnerable.
  • Snow Leopard

  • February 2006 – The first major virus for the Mac platform was discovered. This virus spread through Apple’s iChat application and was known as Leap-A or Oompa-Loompa.
  • April 2004 – In 2004 a proof-of-concept program was developed for Apple Macs. Known as Amphimix, this program showed that remote code can be run on a Mac. Disguised as an mp3 file, this program reached many people who had no clue what was happening. In the same year, another worm called Renepo (or Opener) that could disable the firewall in Mac OS X was also discovered.
  • 1998 – A virus known as Sevendust (or 666) was discovered on several applications over the Mac platform. The reach of this virus was restricted since a new OS version was already on the way out. Furthermore, another virus known as AutoStart started spreading through the desktop publishing community and CDs.
  • May 1990 – The MDEF (or Garfield) virus emerged over the Mac platform. This virus infected a wide assortment of application and system files.
  • 1987 – In times when the floppy disk was rampant in the computer world, a virus known as nVIR started infecting Macintosh computers through these disks. Different variants of this virus slowed down performance, deleted crucial files and also infected laser printers.
  • 1982 – The Macintosh didn’t release until 1984. However, the first virus for it was made by a 15 year old. Known as Elk Cloner, this virus infected the boot sector of Apple II computers. Interestingly, the first IBM PC virus (known as Brain) did not appear until 1986.

Elk Cloner

As can be seen, there have been several viruses developed for Macs over the years. The high penetration and usage of Microsoft Windows ensures that any threat found over this platform affects more users and thus receives more coverage. This does not mean that Apple Macs cannot be targeted. Moreover, the misconception that Mac users carry regarding the vulnerability of their platform, actually makes them an easier target since they are less cautious. We hope that we can play our part in altering this misconception.

Rahul Thadani

Rahul Thadani

1 Comment

Your email address will not be published.


  1. Avatar Sachin BoryalJanuary 31, 2013 at 7:00 PM

    Nice information sir..