Sophos says it has some 150,000 active users, meaning those who download updates from its servers, so far. Furthermore, in the first two weeks of availability, the company said it counted just under 50,000 malware reports from the Mac users. The top 20 chart below shows the percentage of malware reports by users of the Mac product for the most commonly encountered malware that they are seeing:
The top threat, Mal/ASDFDldr-A, is how Sophos detects malicious files that use the scripting capability of Microsoft Media Player to force a user to visit an infected site instead of playing a video. The infected media files are typically blank (no music, no video) but are several megabytes in size due to null padding, and they are distributed posing as music from Lady Gaga, ABBA, Madonna, and so on.
There's also a lot of cross-platform Java-based attacks in the list, many of which have been designed to download further Windows-based attacks to computers, but they could easily be adapted to download Mac-based threats too. It's no wonder that Java is on Apple's kill list.
There's also some Mac OS X-specific malware: OSX/Jahlav and DNS Changer. These are well known Mac Trojans typically found all over the Web disguised as downloads, plug-ins, or videos.
"We don't see as much Mac malware as Windows malware," Sophos said in a statement. "Not by a long shot. But that doesn't mean that Mac users can afford to have their heads in the sand about about protecting their precious computers. And, unfortunately, so long as Mac users don't properly defend themselves they will increasingly be perceived as a soft target by cybercriminals."