In association with heise online

25 January 2009, 13:13

A Mac OS X attack that leaves no trace

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Vincenzo Iozzo, an Italian security researcher, says he's discovered a new way to inject executable code directly into the memory of a Mac OS X machine without leaving any trace behind. That would make detection of an attack considerably more difficult.

Attackers normally leave files on the hard disk, such as their own code, and virus scanners can spot these. Iozzo's technique could be used to run a binary file entirely in the memory area of the program under attack, so that no change is made to the hard disk. It could also be used on an iPhone, which after all runs a modified version of Mac OS X.

Iozzo intends to present his discovery at the Black Hat security conference in February, and then publish a sample program written in C for Mac OS X 10.5.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit