Malicious Streams

Mac OS X Malware Analysis

As Apple's market share rises, so will the malware! Will incident responders be ready to address this rising threat? The intent of this paper is to begin building basic Mac OS X malware analysis capabilities to deal with the potential of Mac malware. Read Paper

OS X Tored.A: Lameware

This new OS X “Worm” is one poorly written piece of malware. Written in RealBasic, the malware utilizes no encryption, no packing technology, and most of the time just doesn’t work. It was quite amusing reading the embedded strings -- I will spare you the profanity. One thing that did catch my eye was that all the hard-coded SMTP servers the “worm” utilizes were in France. So I decided to plot the SMTP servers using whois/Google Maps ...

So where do you think our vxer is from?

OS X Puper.A (RS-Plug.F)

OS X Puper.A, by most accounts, has been the most popular Mac OS X malware in the past 18 months. What is most fascinating is how little sophistication is involved in this threat and yet how it continues to be a viable threat for the Mac platform. Read the analysis report for details. Read Report