
Even as a Mac user myself, I find myself thinking there is no need to worry about viruses and malware. Being in the security industry, I know it is an absolutely ludicrous thought, but the chances are low enough that I just push the idea to the side. Most people would say that the lack of exploits is mostly due to the low market share of the Mac; attesting to that, sales are up, and we are seeing malware and even a talk about it at Black Hat this year.
“Most of the existing research (into) rootkits for OS X essentially take older Unix-based ideas and port them to OS X,” Dai Zovi told The Register. “Mine primarily uses the unique features of OS X and this makes it harder to detect the traditional tools and techniques.”
As just another Mach-based operating system, OS X is chock full of instructions that make sneaky rootkits possible. And yet there’s been little documentation, so far, of exactly what they are and how they can be used. Dai Zovi’s talk aims to fill the vacuum by showing how to extend native Mach RPC mechanisms that communicate with the Mac kernel.
“It’s not an inherent weakness in the system,” said Dai Zovi, co-author of the Mac Hacker’s Handbook. “It’s just extending the flexibility of the microkernel-based design in a malicious direction.”
I honestly haven’t looked at the code yet to see how hard the execution is. But with inclusion into the Metasploit Project, I am scared script kiddies everywhere will be able to pull it off.
(Via The Register.)