2020-11-03 | Objective-See | Patrick Wardle
@online{wardle:20201103:adventures:1b70800,
  author       = {Patrick Wardle},
  title        = {{Adventures in Anti-Gravity: Deconstructing the Mac Variant of GravityRAT}},
  organization = {Objective-See},
  date         = {2020-11-03},
  url          = {https://objective-see.com/blog/blog_0x5B.html},
  urldate      = {2020-11-06},
  language     = {English},
}
Adventures in Anti-Gravity: Deconstructing the Mac Variant of GravityRAT
2020-09-26 | Objective-See | Patrick Wardle
@online{wardle:20200926:finfisher:fa6d6ad,
  author       = {Patrick Wardle},
  title        = {{FinFisher Filleted: a triage of the FinSpy (macOS) malware}},
  organization = {Objective-See},
  date         = {2020-09-26},
  url          = {https://objective-see.com/blog/blog_0x4F.html},
  urldate      = {2020-10-05},
  language     = {English},
}
FinFisher Filleted: a triage of the FinSpy (macOS) malware
FinFisher
2020-06-29 | Objective-See | Patrick Wardle
@online{wardle:20200629:osxevilquest:dc69dab,
  author       = {Patrick Wardle},
  title        = {{OSX.EvilQuest Uncovered}},
  organization = {Objective-See},
  date         = {2020-06-29},
  url          = {https://objective-see.com/blog/blog_0x59.html},
  urldate      = {2020-06-30},
  language     = {English},
}
OSX.EvilQuest Uncovered
EvilQuest
2020-05-05 | Objective-See | Patrick Wardle
@online{wardle:20200505:dacls:b9f2391,
  author       = {Patrick Wardle},
  title        = {{The Dacls RAT ...now on macOS! deconstructing the mac variant of a lazarus group implant}},
  organization = {Objective-See},
  date         = {2020-05-05},
  url          = {https://objective-see.com/blog/blog_0x57.html},
  urldate      = {2020-05-07},
  language     = {English},
}
The Dacls RAT ...now on macOS! deconstructing the mac variant of a lazarus group implant
Dacls
2020-02-22 | Objective-See | Patrick Wardle
@online{wardle:20200222:weaponizing:ea810ff,
  author       = {Patrick Wardle},
  title        = {{Weaponizing a Lazarus Group Implant: repurposing a 1st-stage loader, to execute custom 'fileless' payloads}},
  organization = {Objective-See},
  date         = {2020-02-22},
  url          = {https://objective-see.com/blog/blog_0x54.html},
  urldate      = {2020-02-27},
  language     = {English},
}
Weaponizing a Lazarus Group Implant: repurposing a 1st-stage loader, to execute custom 'fileless' payloads
AppleJeus
2020-01-01 | Objective-See | Patrick Wardle
@online{wardle:20200101:mac:1d3cffc,
  author       = {Patrick Wardle},
  title        = {{The Mac Malware of 2019}},
  organization = {Objective-See},
  date         = {2020-01-01},
  url          = {https://objective-see.com/blog/blog_0x53.html},
  urldate      = {2020-07-20},
  language     = {English},
}
The Mac Malware of 2019
Gmera Mokes Yort
2019-12-03 | Objective-See | Objective-See
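% The author is an organisation, not a person: the extra pair of braces keeps
% "Objective-See" as one indivisible name so that name parsing cannot split it
% at the hyphen or abbreviate part of it.
@online{objectivesee:20191203:lazarus:028af2b,
  author       = {{Objective-See}},
  title        = {{Lazarus Group Goes 'Fileless'}},
  organization = {Objective-See},
  date         = {2019-12-03},
  url          = {https://objective-see.com/blog/blog_0x51.html},
  urldate      = {2020-01-13},
  language     = {English},
}
Lazarus Group Goes 'Fileless'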
Unidentified macOS 001 (UnionCryptoTrader)
2019-10-12 | Objective-See | Patrick Wardle
@online{wardle:20191012:pass:9a75bd6,
  author       = {Patrick Wardle},
  title        = {{Pass the AppleJeus}},
  organization = {Objective-See},
  date         = {2019-10-12},
  url          = {https://objective-see.com/blog/blog_0x49.html},
  urldate      = {2020-01-13},
  language     = {English},
}
Pass the AppleJeus
AppleJeus
2019-06-20 | Objective-See | Patrick Wardle
@online{wardle:20190620:burned:0768343,
  author       = {Patrick Wardle},
  title        = {{Burned by Fire(fox)}},
  organization = {Objective-See},
  date         = {2019-06-20},
  url          = {https://objective-see.com/blog/blog_0x43.html},
  urldate      = {2020-01-10},
  language     = {English},
}
Burned by Fire(fox)
Wirenet
2018-12-20 | Objective-See | Patrick Wardle
@online{wardle:20181220:middle:a318acb,
  author       = {Patrick Wardle},
  title        = {{Middle East Cyber-Espionage: analyzing WindShift's implant: OSX.WindTail (part 1)}},
  organization = {Objective-See},
  date         = {2018-12-20},
  url          = {https://objective-see.com/blog/blog_0x3B.html},
  urldate      = {2020-01-07},
  language     = {English},
}
Middle East Cyber-Espionage: analyzing WindShift's implant: OSX.WindTail (part 1)
WindTail
2018-06-29 | Objective-See | Patrick Wardle
@online{wardle:20180629:osxdummy:21758e3,
  author       = {Patrick Wardle},
  title        = {{OSX.Dummy}},
  organization = {Objective-See},
  date         = {2018-06-29},
  url          = {https://objective-see.com/blog/blog_0x32.html},
  urldate      = {2020-01-10},
  language     = {English},
}
OSX.Dummy
Dummy
2018-02-17 | Objective-See | Patrick Wardle
@online{wardle:20180217:tearing:57ab62c,
  author       = {Patrick Wardle},
  title        = {{Tearing Apart the Undetected (OSX)Coldroot RAT}},
  organization = {Objective-See},
  date         = {2018-02-17},
  url          = {https://objective-see.com/blog/blog_0x2A.html},
  urldate      = {2020-01-13},
  language     = {English},
}
Tearing Apart the Undetected (OSX)Coldroot RAT
Coldroot RAT
2018-02-05 | Objective-See | Patrick Wardle
@online{wardle:20180205:analyzing:928c52d,
  author       = {Patrick Wardle},
  title        = {{Analyzing OSX/CreativeUpdater}},
  organization = {Objective-See},
  date         = {2018-02-05},
  url          = {https://objective-see.com/blog/blog_0x29.html},
  urldate      = {2020-01-10},
  language     = {English},
}
Analyzing OSX/CreativeUpdater
CreativeUpdater
2018-01-24 | Objective-See | Patrick Wardle
@online{wardle:20180124:analyzing:5922fbb,
  author       = {Patrick Wardle},
  title        = {{Analyzing CrossRAT: A cross-platform implant, utilized in a global cyber-espionage campaign}},
  organization = {Objective-See},
  date         = {2018-01-24},
  url          = {https://objective-see.com/blog/blog_0x28.html},
  urldate      = {2019-11-27},
  language     = {English},
}
Analyzing CrossRAT: A cross-platform implant, utilized in a global cyber-espionage campaign
CrossRAT
2018-01-11 | Objective-See | Patrick Wardle
@online{wardle:20180111:ay:2c79d80,
  author       = {Patrick Wardle},
  title        = {{Ay MaMi}},
  organization = {Objective-See},
  date         = {2018-01-11},
  url          = {https://objective-see.com/blog/blog_0x26.html},
  urldate      = {2020-01-08},
  language     = {English},
}
Ay MaMi
MaMi
2017-08-08 | Objective-See | Patrick Wardle
@online{wardle:20170808:wtf:7e38e1e,
  author       = {Patrick Wardle},
  title        = {{WTF is Mughthesec!?}},
  organization = {Objective-See},
  date         = {2017-08-08},
  url          = {https://objective-see.com/blog/blog_0x20.html},
  urldate      = {2020-01-07},
  language     = {English},
}
WTF is Mughthesec!?
Mughthesec
2017-06-12 | Objective-See | Patrick Wardle
@online{wardle:20170612:osxmacransom:bac498a,
  author       = {Patrick Wardle},
  title        = {{OSX/MacRansom}},
  organization = {Objective-See},
  date         = {2017-06-12},
  url          = {https://objective-see.com/blog/blog_0x1E.html},
  urldate      = {2019-10-23},
  language     = {English},
}
OSX/MacRansom
MacRansom
2017-06-05 | Objective-See | Patrick Wardle
@online{wardle:20170605:handbrake:d75a179,
  author       = {Patrick Wardle},
  title        = {{HandBrake Hacked! - osx/proton (re)appears}},
  organization = {Objective-See},
  date         = {2017-06-05},
  url          = {https://objective-see.com/blog/blog_0x1D.html},
  urldate      = {2019-07-10},
  language     = {English},
}
HandBrake Hacked! - osx/proton (re)appears
Proton RAT
2017-05-10 | Objective-See | Objective-See
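% The author is an organisation, not a person: the extra pair of braces keeps
% "Objective-See" as one indivisible name so that name parsing cannot split it
% at the hyphen or abbreviate part of it.
@online{objectivesee:20170510:osxprotonb:31502a9,
  author       = {{Objective-See}},
  title        = {{OSX/Proton.B}},
  organization = {Objective-See},
  date         = {2017-05-10},
  url          = {https://objective-see.com/blog/blog_0x1F.html},
  urldate      = {2020-01-09},
  language     = {English},
}
OSX/Proton.B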
Proton RAT
2017-01-01 | Objective-See | Patrick Wardle
@online{wardle:20170101:mac:8c2d52b,
  author       = {Patrick Wardle},
  title        = {{Mac Malware of 2016}},
  organization = {Objective-See},
  date         = {2017-01-01},
  url          = {https://objective-see.com/blog/blog_0x16.html},
  urldate      = {2020-01-09},
  language     = {English},
}
Mac Malware of 2016
KeRanger Keydnap Komplex Laoshu MacInstaller MacVX Mokes WireLurker XSLCmd