A recent security scan of 100,000 Apple Macs found that almost three percent were infected with Mac-capable malware including the recent Flashback Trojan, security company Sophos has reported.

All told, 2,700 machines showed evidence of infection, three quarters of these being infected by Flashback (or Flashfake), a piece of Java-based malware that probably ranks as the first significant global Apple malware outbreak yet recorded.

In second place with 17.8 percent was last year’s notable OSX/FakeAV Trojan, followed by the ostensibly long-gone OSX/RSPlug from 2007 on 5.5 percent, and OSX/Jahlav from 2009 on 1.2 percent.

One in five of the Macs also turned out to be home to PC malware, which wouldn’t be able to harm those machines directly but would be able to spread to nearby home or business PCs.

The company found a wide variety of PC malware, most prominently Bredo on 12.2 percent, a Trojan that has been around in a succession of versions since 2009.

"Some Mac users may be relieved that they are seven times more likely to have Windows viruses, spyware and Trojans on their Macs than Mac OS X-specific malware, but Mac malware is being surprisingly commonly encountered," said Sophos’s resident AV expert, Graham Cluley.  

"Mac users need a loud wake-up call about the growing malware problem."

The Macs in question were all machines that had downloaded the company’s free antivirus client over a seven-day period. Assuming this sample is representative, the numbers suggest a high level of Apple user complacency regarding security.

"Cybercriminals view Macs as a soft target, because their owners don’t typically run anti-virus software and are thought to have a higher level of disposable income than the typical Windows user. Mac users must protect their computers now or risk making the malware problem on Macs as big as the problem on PCs," said Cluley.