Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-27SentinelOnePhil Stokes
Atomic Stealer | Threat Actor Spawns Second Variant of macOS Malware Sold on Telegram
AMOS
2025-02-03SentinelOnePhil Stokes, Tom Hegel
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
FlexibleFerret FriendlyFerret FrostyFerret
2024-04-02SentinelOnePhil Stokes
Session Cookies, Keychains, SSH Keys and More | 7 Kinds of Data Malware Steals from macOS Users
EggShell RAT KeySteal Pureland
2023-11-27SentinelOnePhil Stokes
DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads
HLOADER KANDYKORN RustBucket SUGARLOADER
2023-08-21SentinelOneDinesh Devadoss, Phil Stokes
XLoader's Latest Trick | New macOS Variant Disguised as Signed OfficeNote App
Xloader
2023-07-05SentinelOnePhil Stokes
BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection
RustBucket
2022-09-26SentinelOneDinesh Devadoss, Phil Stokes
Lazarus ‘Operation In(ter)ception’ Targets macOS Users Dreaming of Jobs in Crypto
Interception
2022-05-09Dinesh Devadoss, Phil Stokes
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win
oRAT
2022-05-09SentinelOneDinesh Devadoss, Phil Stokes
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win
2022-03-21SentinelOnePhil Stokes
The Art and Science of macOS Malware Hunting with radare2 | Leveraging Xrefs, YARA and Zignatures
AbstractEmu Vigram
2022-02-01SentinelOnePhil Stokes
Sneaky Spies and Backdoor RATs | SysJoker and DazzleSpy Malware Target macOS
DazzleSpy SysJoker
2021-11-15SentinelOnePhil Stokes
Infect If Needed | A Deeper Dive Into Targeted Backdoor macOS.Macma
CDDS
2021-09-20SentinelOnePhil Stokes
Defeating macOS Malware Anti-Analysis Tricks with Radare2
EvilQuest
2021-07-26SentinelOnePhil Stokes
Detecting XLoader | A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger
Xloader
2021-03-18SentinelOnePhil Stokes
New macOS malware XcodeSpy Targets Xcode Developers with EggShell Backdoor
2021-01-11Sentinel LABSPhil Stokes
FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts
OSAMiner
2020-12-02SentinelOnePhil Stokes
APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique
OceanLotus
2020-11-05SentinelOnePhil Stokes
Resourceful macOS Malware Hides in Named Fork
Bundlore
2020-07-27SentinelOnePhil Stokes
Four Distinct Families of Lazarus Malware Target Apple’s macOS Platform
AppleJeus Casso Dacls WatchCat
2020-07-08SentinelOnePhil Stokes
“EvilQuest” Rolls Ransomware, Spyware & Data Theft Into One
EvilQuest
2020-06-08SentinelOnePhil Stokes
A Guide to macOS Threat Hunting and Incident Response
2020-05-15SentinelOnePhil Stokes
A Guide to macOS Threat Hunting and Incident Response
2018-09-20SentinelOnePhil Stokes
On the Trail of OSX.FairyTale | Adware Playing at Malware
FailyTale