Has anyone thought about how you would write malware for osx 10.4/5?
Assume you already have a browser exploit for a foothold...
How would you:
- run arbitrary code
- have a persistent installation
- load on boot
- escalate permission
- avoid detection & removal (notrace?)
I have just switched to mac and I realize I don't have a familiarity with how these different points would operate during a system compromise... for instance I would use hijackthis for a persistent installation, but wtf would you use on a mac?
tx