For a long time, most Mac users have been able to operate quite happily without anti-virus software. Not, as Apple prefer to claim, that OS X is inherently more secure than recent versions of Windows, but because the vast majority of malware has been targeted at vulnerabilities in Microsoft software.
But as Mac sales have kept on growing, from a negligible share of the market not so many years ago to an actually quite significant share now, it was inevitable that sooner or later the malware creators would take notice.
And so they have. It’s been claimed by a Russian site that over 600,000 Macs worldwide are in a botnet. The vector for the infection is a hole in Java, which has been patched in the last few days.
There’s some information in this Sophos Naked Security blog post.
And so, I’ve decided that it’s now well past time for it, and I’ve installed Sophos Anti-Virus for Mac Home Edition on my computers. It’s free to use, and so far doesn’t seem to affect performance at all.
I’ve given the iMac and the MacBok Air a full scan, and all that showed up was a phishing attempt in an attachment to an email in the spam folder for an email account I don’t actually use. Attempting to download the EICAR test file triggered an on-access alert, so I think it’s reasonably safe to believe that it’s working.
Oh, and MUTTER.
 That’s in the last few days for the Apple version of Java. Apparently Oracle patched theirs quite some time ago.