From the dawn of malware to the modern day. A history of Mac threats.

It’s hard to picture the world more than 30 years ago if you didn’t live in those times. Technology, communications and multimedia were fundamentally different in the days when personal computers were a rare find in any neighbourhood, and wireless communications were mentioned in science-fiction literature.

One thing is for sure: these sparsely spread computers were hardly targeted by malicious programs, later known as malware.

In the early 80s, Apple II computer systems started to gain popularity, becoming one of the first successful series of mass-produced devices. In this “pre-commercial-internet” era, users frequently and jauntily exchanged data on floppy drives.

Back in the day, the first Apple II virus was Elk Cloner, a piece of computer code that would, at most, mildly annoy the modern-day user. Once booted from an infected medium, the computer would display rotating images or blink textual jokes. Then things got complicated.

The last 40 years have brought a noteworthy increase in the number of threats and malware infections targeting Mac OS X computers. Here are a few milestones.

In 2004, with the adoption of the modern Apple operating system, the first malware variant allegedly created specifically for OS X appeared: Renepo, a worm that messed with the Mac firewall and security. Only in 2006 did researchers come across Leap, also known as Oompa Loompa, the first Trojan designed for Macs.

Around 2007 and 2008, Apple finally admitted its computers were not untouchable and advised users to install security software on their Macs.

Fast forward to 2014, when things started getting interesting in terms of Mac malware, after the sophisticated iWorm backdoor was identified on over 17,000 computers.

In 2016, ransomware finally made it into the wild. KeRanger was specifically designed to target Macs and affected some 7,000 users.

In 2017, malware reached new levels of sophistication in its ability to circumvent operating system defenses and outsmart even the savviest of users. Meet “APT28” – the most complex threat ever developed for Mac. Besides selective victim targeting, the APT28 Trojan can selectively download components for each victim, including those running Mac OS. The XAgent modular backdoor, delivered via the Komplex downloader, can install various espionage modules, ranging from key-logging to screen grabbing and file exfiltration.

The frequency of attacks against Windows and – later – Android users in the past led to a widespread misconception that Apple products are untouchable. This, in turn, created a vicious circle where more market share means more attention from cyber-criminals.

Contrary to popular belief, Macs are also at risk, and Mac-designed malware is definitely not new.

About the author


The meaning of Bitdefender’s mascot, the Dacian Draco, an ancient symbol that depicts a mythical animal with a wolf’s head and a dragon’s body, is “to watch” and to “guard with a sharp eye.” Like our mascot, we are committed to using Bitdefender Labs, our world-class research team, to vigilantly find and eradicate threats for our customers, and to use our platform for the larger good.


  • No system is safe from a good hacker. I remember my first virus on a Mac back in the early 90’s, and it came in from where you’d expect, Microsoft Word, version 2 or 3. I got annoyed at Best Buy a few years back when I asked about Mac virus protection and the Geek replied, “you don’t need it with a Mac.” I let go a big laugh and told him to do his homework!

  • I have been using Bitdefender for several years. I also have an Apple iPad for which I enquired (2 years ago) about security software. Your response was "not available/providing at this time". Has anything changed by now? Can you provide security for Apple iPad?
    Thank you, GS

  • Good info about macOS vulnerability. With information synced across devices you risk losing a lot, if you're not properly protected. More market share for Mac means more “bad guys”. Best to stay safe!