Apple platforms were thought far away from malware problem in a long term, until at least 21 and 27 new malware or adware families on iOS and OS X were discovered in the past two years. Some of these have led to the theft of hundreds of thousand of password (the KeyRaider) or hundreds of million of infections worldwide (the XcodeGhost). This topic will discuss the primary spreading and attack techniques used by these real world malware as well as their common characteristics, and identify trends around these topics. The security industry can use this information to build more effective solutions to detect and to defeat similar threats in near future. We will discuss with case studies on: attacking non-jailbroken iOS devices, bypassing App Store code review, infecting compilers and libraries, escalating privileges or executing code remotely via zero day vulnerabilities, attacking specific targets via commercial or customized Spyware, attacking multiple platforms or crossing platforms, making profit from advertisers by stealing revenue, and hunting Apple IDs for various evil purposes.