firm Intego, which maintains a Mac security blog that monitors
various OS X-specific malware, first noticed and reported the
development. The firm was running the new version of OS X, when
they noticed it detected
and removed malware. The process was carried out via a
popup window, which they took a screenshot of, but they were either
unable to determine or chose not to announce who made the antivirus
Intego's post indicated that they were not making
the product. ClamAV -- currently the AV engine in Apple's
server operating system -- also seems unlikely as the virus detected
had the signature "OSX.RSPlug.A", a signature that ClamAV
currently doesn't support (ClamAV does have a signature for
Similarly, McAfee and Sophos use the names OSX/Puper.a
and OSX/RSPlug-A,
That leaves Symantec 
as one possibility. Another is that Apple has developed its own
proprietary antivirus software -- which would not be
Assuming that Intego's report is accurate (which
seems likely as they're a serious name in the security software
industry), it looks like Apple will finally be taking malware on its
consumer products seriously. It should be interesting to see
how the program stacks up to the free
offering that Microsoft is releasing later this year for Windows
7, Windows XP, and Windows Vista.
For many years Macs remained
largely free of malware, while their PC brethren struggled.
This was due to many factors – including a small marketshare and
the OS's generally sound design. Additionally, the web-based
attacks of today were somewhat less frequent back then because
browsers featured less rich content to exploit.
However, like any OS, OS X was not
without its holes -- on both the OS and the application level.
Recently, with more marketshare and Apple's increasing marketing
bravado, interest has picked up in attacking the OS. Recently,
attacking Macs emerged, but it appeared to be amateurish, unable to
reproduce due to the server it communicates with being dead.
Nonetheless, it seems a matter of time before more serious attacks,
implementing the proof-of-concept OS
X attacks that security researchers have been demonstrating, come
to light. One such recent proof-of-concept attack demonstrated
an OS X keylogger,
though Apple has since patched the route it used.
quote: There are many aspects of OSX that are just plain not secure either. A non secured app folder and the way applications are packaged (Specifically Bundles) are major security threats.
quote: Another big one is the way extensions work, for example in Windows, you could have an infected file labelled virus.jpg.exe. Rename that to virus.jpg and it most likely will do nothing, opening up the app associated with the jpg extension. Well OSX does no such thing, you could completely remove the extension from an infected executable and it will still run as such.
quote: Furthermore unix and its derivatives have been around for how many years? Not to mention a large chunk of malware were never meant for large scale deployment, and were merely a pet project. This is not really hard to believe either, considering some of the crazy nix developers out there. Most of these threats have been long patched too.