technique
https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Higashi, Michael. (2018, May 15). Instance Metadata API: A Modern Day Trojan Horse. Retrieved July 16, 2019.
technique
https://attack.mitre.org/techniques/T1552/005
technique
http://www.slideshare.net/StephanBorosh/external-to-da-the-os-x-way
Alex Rymdeko-Harvey, Steve Borosh. (2016, May 14). External to DA, the OS X Way. Retrieved July 3, 2017.
technique
http://juusosalonen.com/post/30923743427/breaking-into-the-os-x-keychain
Juuso Salonen. (2012, September 5). Breaking into the OS X keychain. Retrieved July 15, 2017.
technique
https://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/
Marc-Etienne M.Leveille. (2016, July 6). New OSX/Keydnap malware is hungry for credentials. Retrieved July 3, 2017.
technique
https://attack.mitre.org/techniques/T1555/002
technique
http://www.symantec.com/connect/blogs/are-mbr-infections-back-fashion
Lau, H. (2011, August 8). Are MBR Infections Back in Fashion? (Infographic). Retrieved November 13, 2014.
technique
https://www.fireeye.com/content/dam/fireeye-www/current-threats/pdfs/rpt-mtrends-2016.pdf
Mandiant. (2016, February 25). Mandiant M-Trends 2016. Retrieved March 5, 2019.
technique
https://capec.mitre.org/data/definitions/552.html
technique
https://attack.mitre.org/techniques/T1542/003