The first bot-building kit for Mac is on the market. It is cheap too, just 1000 US$, and the web-injects of ZeuS and SpyEye can be reused.
Want to see it working?
The programmer (himself?) shows a working example on YouTube.
Be part of a new iWorld wide iBot iNetwork! Share unused resources like the computing power of your Macs, bandwidth, your credit card numbers and bank account data with others who really need them!
The bot code, generated by the crimeware kit’s "builder" component, typically is distributed via social engineering attacks in email and social networking sites, or is foisted by an exploit pack like Eleonore or Blackhole, which use hacked Web sites and browser flaws to quietly install the malware. Crimeware kits also come with a Web-based administration panel that allows the customer to manage and harvest data from infected PCs.
The kit does not currently attempt to exploit any security holes in order to install the bot code without warning, but nobody stops a Mac user from installing the malicious software or deliberately opening an infected document. Social engineering people into doing such stupid things is one of the main reasons for most infections in the Windows world, and Mac users are just humans too.
The seller of this crimeware kit claims his product supports form-grabbing in Firefox and Chrome, and says he plans to develop a Linux version and one for the iPad in the months ahead.
Dear Mac users,
please don't surf with Firefox or Chrome in the meantime; the form grabber is proven to work for those two browsers on OS X. Safari and Opera are still safe, but that may change in the next revision of the construction kit. Get some decent antivirus software of the same quality standard as is usual for Windows systems. Even if your system is not infected by a piece of malware, you could act as a Typhoid Mary and infect others if you send the infected file to your contacts by mail or other means.
PS: I really wonder why it took so long. An unprotected Mac is not much safer or "more secure" than Windows; that is just a delusion of some iFanboys, sorry.
Here is the blog post by the Danish IT security company CSIS Security Group that was used for parts of the information provided above.