The Timeline of Mac Malware and How to Get Rid of Macro Viruses

There is a widespread misconception that there are no viruses for Apple products. Thanks in large part to a wildly successful marketing campaign during the ‘00s, the belief that Apple operating systems are invulnerable to cyberattack is not one that Apple hopes to dispel anytime soon.

However, the truth is Apple products have long been on hackers’ radar, and for decades the potential for hacking (or worse) of Apple products has grown exponentially. Most Apple users remain blissfully ignorant of the imminent threats to their beloved Apple devices, but this timeline demonstrates how threats to Macs, iPhones, and other Apple products are growing ever-more potent.

1987-8: nVIR and HyperCard

Running on OS 4.1 to OS 8, nVIR was a virus spread by floppy disc. Its symptoms included crashes, printing errors, slow response times, and other relatively inconvenient developments.

An application and programming tool, HyperCard was exceedingly popular ― which is perhaps why its floppy discs were popular targets for viruses. One such flashed the message “Dukakis for President” before destroying the computer.

1990: MDEF

Eventually, MDEF split into four different strains: Garfield, Top Cat, C, and D. The virus ― written by a teen programmer ― wasn’t intended to do damage to the device, but the later strains often harmed applications.

1995: Concept

The first Microsoft Word macro virus ― i.e. a virus written in a language embedded in a software application ― Concept plagued both Macs and PCs.

1996: Laroux

Like Concept, Laroux was a macro virus released through Microsoft Excel.

1998: SevenDust and Autostart 9805

At this point, viruses became so widespread that they became known by various names. SevenDust, which also went by labels 666 and 888, originally did little more than spread, but later versions deleted all non-application files when run on a specific day at a specific time.

Autostart 9805, also called the Hong Kong virus, made overwhelming copies of itself, sometimes overwriting data to do so.

2004: Amphimix and Renepo

Amphimix (MP3Concept) was designed to prove that files could be disguised to fool end users. The virus was an application that played a video of a man laughing, but it looked like an MP3 file.

Renepo (Opener) was the first of a line of exceedingly dangerous self-replicating computer worms targeting Mac’s OSX. Renepo was able to control the system’s security features, disabling firewalls and setting its own permissions. Then, the worm collected all sorts of information, including passwords and IP addresses, and sent it back to its creator.

2006: Oompa-Loompa, Inqtana, and Macarena

The year of devastating Mac viruses, 2006 proved that Apple users need antivirus for Mac to stay safe.

Oompa-Loompa (Leap) spread through iChat attachments, looking like harmless images but instead overtaking the computer system and sending itself to a user’s iChat contacts.

Inqtana was created by a security expert looking to explore Mac vulnerabilities. Because it wasn’t a wild worm, the virus did little more than spread itself through Bluetooth connections.

Finally, Macarena was a humorous, low-risk virus designed to transform all files in a specific folder into videos of the popular dance song.


2007: BadBunny and RSPlug

A macro virus downloaded from, BadBunny sends itself to other users through popular messenger applications and shows users pornographic images of a man dressed in a bunny costume.

RSPlug was among the first Trojans designed for Macs. Disguised as videos on porn websites, the virus would redirect all web pages to phishing sites or additional porn sites.

2008: Troj/RKOSX, MacSweeper, Imunizator, and Hovdy

Troj/RKOSX assists hackers in infiltrating a Mac computer to gain sensitive information.

You May Also Like

One thought on “The Timeline of Mac Malware and How to Get Rid of Macro Viruses

Leave a Reply

Your email address will not be published. Required fields are marked *