Yes, an attacker can both use and fake your IP to commit a DDoS. Crafting packets with a spoofed source IP is all too easy to do. To actually use your IP, there are several reasons - you could have a device on your network that is compromised (virus or otherwise), yes a Mac can get a virus like that, or even your Internet-facing router could be compromised. Basically, all of the fears you listed are possible.
As for what to do? I would start with reviewing your router logs and place a packet sniffer between your router and ISP equipment. If you see strange stuff originating from inside your network (especially look for stuff destined for that guy's servers), you can assess each device individually if feasible, with malware scanners and such.