I just knew if I scrolled down this thread a while, I'd see exactly this bit of fud thrown out.
Fortunately, I have a reply that I've previously written to counter this silly FUD.
Oh, I don't know. Perhaps as someone else already said on this thread, it might be done for the bragging rights of having created the first successful virus/worm to attack Macs.
I've seen this charge that the small market share that Mac and Linux have is what keeps them safe. It is repeated often enough and seems reasonable enough until you actually look at the history of some other worms/viruses.
Consider: the spread of the Witty Worm.
Quoth the poster:
Witty infected only about a tenth as many hosts than the next smallest widespread Internet worm. Where SQL Slammer infected between 75,000 and 100,000 computers, the vulnerable population of the Witty worm was only about 12,000 computers. Although researchers have long predicted that a fast-probing worm could infect a small population very quickly, Witty is the first worm to demonstrate this capability. While Witty took 30 minutes longer than SQL Slammer to infect its vulnerable population, both worms spread far faster than human intervention could stop them. In the past, users of software that is not ubiquitously deployed have considered themselves relatively safe from most network-based pathogens. Witty demonstrates that a remotely accessible bug in any minimally popular piece of software can be successfully exploited by an automated attack.
I suspect there are more than 12,000 Linux and/or Mac hosts out there on the internet.
Also, consider that the folks who were hit with this were also among the more security-concious users:
The vulnerable host population pool for the Witty worm was quite different from that of previous virulent worms. Previous worms have lagged several weeks behind publication of details about the remote-exploit bug, and large portions of the victim populations appeared to not know what software was running on their machines, let alone take steps to make sure that software was up to date with security patches. In contrast, the Witty worm infected a population of hosts that were proactive about security -- they were running firewall software. The Witty worm also started to spread the day after information about the exploit and the software upgrades to fix the bug were available.
Show me a successful worm/virus against Macs and I'll listen. Until then, your talking point is FUD.
Hm, you can't exactly brag about doing something illegal like writing viruses when the bragging will send you to jail.
Duh.