This paper discusses the reverse engineering of a piece of Mac OS X malware commonly
known as Crisis or DaVinci. It shows that sophisticated Mac OS X malware, with features
that rival those seen so far only in Windows threats, is now a reality. It
highlights techniques that Crisis uses to implement offensive code, such as
debugger detection, code obfuscation, process injection, and rootkits. Tips that help
in the analysis of such code are also discussed.
More here: http://www.sans.org/reading-room/whitepapers/threats/opportunity-crisis-34600