OSX Malware Development
Has anyone thought about how you would write malware for OS X 10.4/5?
Assume you already have a browser exploit for a foothold...
How would you:
- run arbitrary code
- have a persistent installation
- load on boot
- escalate permission
- avoid detection & removal (notrace?)
I have just switched to Mac and I realize I don't have a familiarity with how these different points would operate during a system compromise... for instance, I would use HijackThis for a persistent installation, but wtf would you use on a Mac?
I know more about securing OS X than compromising it, so... check out this site:
Rootkits are probably a greater, albeit related, risk to OS X. If I'm not mistaken, chkrootkit runs on OS X now:
There's also OS X Rootkit Hunter:
Finally, there's ClamXav for viruses: