Oompa, Inqtana–Any Real Threat?

February 18th, 2006

Well, it certainly seems like someone has been quite the busy beaver recently. Not even a day after the big alarm about the “Oompa” (alternately called “Leap-A”) trojan, and already a second piece of Mac malware has surfaced. This one is apparently a worm designed to use Bluetooth to spread itself, but like Oompa, is harmless, and even has a February self-destruct date. Both Oompa and the new malware, titled Inqtana-A, are “proof of concept” malware, meaning that they are just there to see if they can work, and are not intended to do any real damage.

In fact, the Inqtana worm exploits a vulnerability that was patched by Apple eight months ago, so it will only affect you if you don’t have your Software Update turned on, and are still using OS X v. 10.3. Otherwise, Inqtana couldn’t touch you even if it were loose “in the wild”–which it is not.

So here’s the question: do these two pieces of malware mean that the Mac is no longer “malware-free”? That’s kind of hard to say. The Mac has had a few “first” pieces of malware, including the rootkit hack called “Opener” about a year ago. So technically, there is malware out there for the Mac. On the other hand, none of it is anything that you are remotely likely to get. Both the Opener and the recent Oompa trojan trigger the administrative password protection, making it unlikely that they would ever get spread; Inqtana also prompts the user for acceptance, making it much less likely to spread. The “Opener” hack was never seen in the wild, and the Oompa trojan probably didn’t get past the first or maybe second generation, due to Apple’s security measures. The new Inqtana would only affect non-updated Macs, and most Mac users update–and even then, it doesn’t spread very well and will self-destruct soon.

All three of these are proof-of-concept and not intended to actually cause harm. All they do is make clear that malware can infect a Mac–which is something we’ve all known from the start. None will be infecting your computer. So from that perspective, the Mac can still be said to be malware-free (with zero viruses, even in proof-of-concept form).

But the release of Oompa and Inqtana within just a few days of each other does show that something is going on. Possibly it is one hacker churning this out. Or possibly the Inqtana hacker released their malware-in-progress when they saw reports of Oompa. Possibly Inqtana was out there and was only noticed after the Oompa publicity. Or maybe it’s simply a coincidence, with one or perhaps both pieces of malware being out there for some time and just being discovered at about the same time.

Conclusion: you don’t need anti-virus software for your Mac–yet. But you should keep an eye on Mac security news (maybe add “Mac virus” to your configurable Google News page), because eventually there will be Mac malware; it’s just a question of when.

Does this mean that the Mac is no longer more secure than Windows? Well, consider that Windows malware numbers around 60,000, and that the Mac’s security is still intrinsically better than Windows. Even if a hundred actual and harmful Mac viruses were to be released tomorrow, the Mac would still be safer than Windows.

  1. February 20th, 2006 at 03:11 | #1

    Finally… a lucid, sane missive on these two latest bogus, overhyped ‘Mac security threats.’

    The score for for-real self-propagating viruses still remains:

    Windows = thousands
    OS X = zero

    Thank you!

    Jack Campbell
    (Sponsor of the former 2005 Great OS X Virus Contest)

  2. Tom Barta
    February 20th, 2006 at 11:08 | #2

    Much ado about nothing. Wake me when someone writes a Mac virus that does NOT require colossal stupidity on the part of the user to be infectious. The QuickTime Autostart Worm on Mac OS 8, I think, in the 90’s was the last virus that caught Apple with its pants down.
