Chapter 11: Malware Detection and Analysis with macOS Memory Forensics

Previously, attacks on macOS, as well as the development of specific malware for this operating system, were single events and were often limited to trivial adware. In 2020–2021, the main threat to macOS was still the adware Shlayer (https://redcanary.com/threat-detection-report/threats/shlayer/), but we are increasingly seeing targeted attacks with advanced threat actors behind them. A good example is APT32 or OceanLotus, a Vietnamese-linked group, which targeted macOS users with backdoors, delivered via malicious Microsoft Word documents.

The growing popularity of macOS in enterprise environments has triggered the appearance of various macOS post-exploitation tools: MacShellSwift ...

Get Practical Memory Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Practical Memory Forensics by Svetlana Ostrovskaya, Oleg Skulkin

Chapter 11: Malware Detection and Analysis with macOS Memory Forensics

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly