-
OSX Malware Development
Has anyone thought about how you would write malware for osx 10.4/5?
Assume you already have a browser exploit for a foothold...
How would you:
- run arbitrary code
- have a persistent installation
- load on boot
- escalate permission
- avoid detection & removal (notrace?)
I have just switched to mac and I realize I don't have a familiarity with how these different points would operate during a system compromise... for instance I would use hijackthis for a persistent installation, but wtf would you use on a mac?
tx
-
I know more about securing OS X than compromising it, so...check
out this site:
http://www.thexlab.com/faqs/malspyware.html
Rootkits are probably a greater, albeit related, risk to OS X. If I'm
not mistaken, chkrootkit runs on OS X now:
http://www.chkrootkit.org/
There's also OS X Rootkit Hunter:
http://mac.sofotex.com/download-134331.html
Finally, there's ClamXav for viruses:
http://www.clamxav.com/
HTH.
-