The problem with Mac haters writing malware to target Macs as a way to make a demonstration of some sort is that they would have to actually buy a Mac, then learn how to code for it. Such a person would have to have serious anger issues to put out that much effort.
Actually, you don't really "Code for a Mac" or any other OS. Major viruses come from major production groups, rather than some young kid with social problems, as in the past. The writer(s) is an expert in C, C++ or one of the other languages that can intersect with other code and is also a whiz at reading raw code and hex streams. It is no different than a group trying to write a device driver for an closed device, except for the criminal part.
And the actual testing, nowadays, would be done on a VM version of the target OS. Who would want to actually load windows over and over every time a test was run? Then, if the virus was feasible, it would be run "for real" on a real target.
The need for a particular machine with a particular OS is trivial. A malware group could order a dozen Macs if they needed. Or two hundred. That is obvious from the reports about the few malware groups that have been arrested, or just found out about.
If a hole had been discovered to allow a drive by virus on a Mac had been found, we would have that virus today. Therefore, no holes have been found. Note, that this does not say that a hole doesn't exist - just that, if it does, then it is unknown so far.
Unfortunately, the laws about turning malware loose on the Internet have punishment mandates about equivalent to "I'm going to tell your Mother on you."