So excellent that some malware deletes itself if Little Snitch is even installed (https://www.f-secure.com/v-descs/trojan-downloader_osx_flash...). However, it's worth noting "DYLD_PRINT_TO_FILE" is a root exploit, which may circumvent or disable Little Snitch entirely if used by APT; Little Snitch may not see all network activity. In fact, a root exploit allows one to write malware completely hidden from userland altogether (lsof, ps, tcpdump, etc.) (https://github.com/hackedteam/driver-macos). It is truly scary how vulnerable OS X is at the moment.