For the longest time, Mac users have felt confident about the relative lack of malware infecting their machines. However, recent research has given a fuller picture of the first known Mac OS X botnet, which was discovered using infected Macs to perform denial-of-service attacks.
An Australian blogger posted back in January about an incident in which he found nearly 100% of his Mac laptop's system resources being consumed by unknown processes. Upon further investigation, it was found that a PHP script was running with root access and was using his laptop to send a flood of data packets to an undisclosed website.
According to Symantec experts, this botnet infects computers using its own P2P engine, can hide itself using encryption, and can easily update itself to avoid detection. They have also warned that newer versions of the botnet malware may soon be seen on other machines because of the malware's flexible and adaptable design.
Macintosh machines are recruited into the botnet by two trojans that Intego, an anti-malware developer for Mac, has named OSX.Trojan.iServices.A and OSX.Trojan.iServices.B. The malware was first detected in January, bundled with pirated copies of Apple iWork 09 and Adobe Photoshop CS4 available for download from many warez sites. According to Intego, more than 20,000 users have downloaded these installers since their release three months ago.
Symantec's report has surfaced as reports of exploited holes in OS X circulate and a researcher demonstrates how to execute shell code on the iPhone. This poses a big problem for Apple, as its popularity not only increases its market share (up to 7% last year) but also begins to attract the attention and efforts of virus and malware creators. While OS X has never been truly immune from these kinds of malware, the relative lack of worms and viruses infecting Mac machines has made many users complacent and too trusting of software available from questionable sources.
In light of this growing interest of malware developers in OS X and Apple products, Symantec warns of "more advanced spoofing tricks" which may be seen in the future.