2021-07-26MalwarebytesThomas Reed
@online{reed:20210726:osxxloader:b3818a3, author = {Thomas Reed}, title = {{OSX.XLoader hides little except its main purpose: What we learned in the installation process}}, date = {2021-07-26}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/mac/2021/07/osx-xloader-hides-little-except-its-main-purpose-what-we-learned-in-the-installation-process/}, language = {English}, urldate = {2021-08-02} } OSX.XLoader hides little except its main purpose: What we learned in the installation process
Xloader
2020-05-06MalwarebytesHossein Jazi, Thomas Reed, Jérôme Segura
@online{jazi:20200506:new:7723083, author = {Hossein Jazi and Thomas Reed and Jérôme Segura}, title = {{New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app}}, date = {2020-05-06}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2020/05/new-mac-variant-of-lazarus-dacls-rat-distributed-via-trojanized-2fa-app/}, language = {English}, urldate = {2020-05-07} } New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
Dacls
2020-03-12Objective-SeeThomas Reed
@techreport{reed:20200312:case:7e22ee6, author = {Thomas Reed}, title = {{The case of the fly on the wall}}, date = {2020-03-12}, institution = {Objective-See}, url = {https://objectivebythesea.com/v3/talks/OBTS_v3_tReed.pdf}, language = {English}, urldate = {2020-05-02} } The case of the fly on the wall
FruitFly
2020-02-10MalwarebytesAdam Kujawa, Wendy Zamora, Jérôme Segura, Thomas Reed, Nathan Collier, Jovi Umawing, Chris Boyd, Pieter Arntz, David Ruiz
@techreport{kujawa:20200210:2020:3fdaf12, author = {Adam Kujawa and Wendy Zamora and Jérôme Segura and Thomas Reed and Nathan Collier and Jovi Umawing and Chris Boyd and Pieter Arntz and David Ruiz}, title = {{2020 State of Malware Report}}, date = {2020-02-10}, institution = {Malwarebytes}, url = {https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf}, language = {English}, urldate = {2020-02-13} } 2020 State of Malware Report
magecart Emotet QakBot REvil Ryuk TrickBot WannaCryptor
2018-12-07MalwarebytesThomas Reed
@online{reed:20181207:mac:1bba675, author = {Thomas Reed}, title = {{Mac malware combines EmPyre backdoor and XMRig miner}}, date = {2018-12-07}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/12/mac-malware-combines-empyre-backdoor-and-xmrig-miner/}, language = {English}, urldate = {2019-12-20} } Mac malware combines EmPyre backdoor and XMRig miner
DarthMiner
2018-04-24MalwarebytesThomas Reed
@online{reed:20180424:new:b461f4b, author = {Thomas Reed}, title = {{New Crossrider variant installs configuration profiles on Macs}}, date = {2018-04-24}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/04/new-crossrider-variant-installs-configuration-profiles-on-macs/?utm_source=twitter&utm_medium=social}, language = {English}, urldate = {2019-12-20} } New Crossrider variant installs configuration profiles on Macs
Crossrider
2018-02-02MalwarebytesThomas Reed
@online{reed:20180202:new:b58d818, author = {Thomas Reed}, title = {{New Mac cryptominer distributed via a MacUpdate hack}}, date = {2018-02-02}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/02/new-mac-cryptominer-distributed-via-a-macupdate-hack/}, language = {English}, urldate = {2019-12-20} } New Mac cryptominer distributed via a MacUpdate hack
CreativeUpdater
2017-12-08MalwarebytesThomas Reed
@online{reed:20171208:interesting:a8a206e, author = {Thomas Reed}, title = {{Interesting disguise employed by new Mac malware HiddenLotus}}, date = {2017-12-08}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2017/12/interesting-disguise-employed-by-new-mac-malware/}, language = {English}, urldate = {2019-12-20} } Interesting disguise employed by new Mac malware HiddenLotus
HiddenLotus
2017-11-20MalwarebytesThomas Reed
@online{reed:20171120:osxproton:828050c, author = {Thomas Reed}, title = {{OSX.Proton spreading through fake Symantec blog}}, date = {2017-11-20}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/}, language = {English}, urldate = {2019-12-20} } OSX.Proton spreading through fake Symantec blog
Proton RAT
2017-05-05MalwarebytesThomas Reed
@online{reed:20170505:snake:01961aa, author = {Thomas Reed}, title = {{Snake malware ported from Windows to Mac}}, date = {2017-05-05}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2017/05/snake-malware-ported-windows-mac/}, language = {English}, urldate = {2019-12-20} } Snake malware ported from Windows to Mac
Uroburos
2017-05-01MalwarebytesThomas Reed
@online{reed:20170501:another:74546e3, author = {Thomas Reed}, title = {{Another OSX.Dok dropper found installing new backdoor}}, date = {2017-05-01}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2017/05/another-osx-dok-dropper-found-installing-new-backdoor/}, language = {English}, urldate = {2019-12-20} } Another OSX.Dok dropper found installing new backdoor
Bella
2017-01-18MalwarebytesThomas Reed
@online{reed:20170118:new:e34009a, author = {Thomas Reed}, title = {{New Mac backdoor using antiquated code}}, date = {2017-01-18}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2017/01/new-mac-backdoor-using-antiquated-code/}, language = {English}, urldate = {2019-12-20} } New Mac backdoor using antiquated code
FruitFly
2016-09-27MalwarebytesThomas Reed
@online{reed:20160927:komplex:0cd401d, author = {Thomas Reed}, title = {{Komplex Mac backdoor answers old questions}}, date = {2016-09-27}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2016/09/komplex-mac-backdoor-answers-old-questions/}, language = {English}, urldate = {2019-12-20} } Komplex Mac backdoor answers old questions
Komplex