Skip to main content

Malware

2024

An Infostealer's Brewin': Cuckoo & AtomicStealer Get Creative
macOS Malware RE CTI AMOS Infostealer
Recent infostealer malware campaign utilizing fake Homebrew websites to deliver Cuckoo and AtomicStealer.
LightSpy Malware Variant Targeting macOS
macOS Malware iOS APT RE
Clearing up some misconceptions about the return of LightSpy and an analysis of the macOS version.
The Secrets of XProtectRemediator
Binary Ninja Malware RE CTI YARA macOS
A primer on macOS security internals and reverse engineering macOS’ XProtectRemediators to extract ‘secret’ YARA rules!

2023

Revisiting Lazarus' Operation Intercept
Lazarus Malware RE CTI North Korea macOS
An analysis of a multi-stage macOS implant which shares a large number of commonalities with Lazarus’ Operation In(ter)ception.

2022

Lazarus Using Leaked Hacking Team Tooling
Lazarus Malware RE CTI North Korea
A quick analysis of Lazarus sample which makes use of Hacking Team tools from the 2017 leak.
PizzaCrypt Analysis
Malware ransomware .NET RE
A quick analysis of some fun .NET ransomware with a goofy ransom note.