Mac malware using an exploit so small it fits in a tweet has been upgraded to avoid anti-virus checks. The malware uses the patched OS X DYLD_PRINT_TO_FILE vulnerability that grants attackers root privilege escalation through trivial code. The updated version will throw a fleeting installer request to access the OS X keychain and simulate a click on “allow” before the user can prevent the installation.
View full story