Final Word was Mac Security: OSX.Exploit.MetaData.B Trojan 3259
...
Intelligent malware installs a rootkit: In fact, Sony installed one on Windows computers in order to install some hidden copy-protection software.
In fine, UNIX computers are hard for malware to take over, but OS bugs have been exploited since the 1980'ies, where this famous virus knocked down quite a few of them. It exploited a bug in the email software, where certain overshooting enabled one to write in area with root permissions. If you read the Mac OS XÊSecurity Updates info, there are still a lot of similar loopholes. The writer of malware must exploit the gap in time between the bug has been found, and it has been plugged in an update. So update the system software frequently.
Which is enough, if root is enabled and has no pbuttword or has a weak pbuttword. Do you think malware authors are going to feel duty-bound to comply? ;-) buttuming the malware author...
Another method used by some kids, was to ask employees of a company, at the gate, filling in aÊquestionnaire giving awayÊseemingness innocent information such asÊnames of pets, birthdays, etc. The thing is that sloppy users often use such info to create user account pbuttwords. So on a multiuser system, one gets access to at least a few accounts, which may suffice for a first entry.
And there are many other techniques, exploiting the weakness of humans.
OS X has as many logs as you configure it to have and if a process decides not to write to the log, it leaves no trace here. Meanwhile it's often...
-- Hans Aberg