Flashback OS X malware

Broderick Aquilino F-Secure

  download slides (PDF)

Windows has been the target of malware for decades. This has resulted in a more hardened system and a better user awareness. On the other hand, OS X has not really needed to go through all the troubles of crime fighting until recently. Now, with its growing market share and lower user awareness, it is clear that OS X is becoming more and more attractive to malware authors.

OS X was bombarded by several malware families and variants last year. Towards the end of the year, there was almost always a new malware family or variant being discovered every week. Each one is more sophisticated than the previous one. It seems that OS X malware has entered a state of accelerated evolution. At the forefront of all these was the Flashback malware.

Flashback is the most advanced OS X malware ever seen. It boasts a series of firsts for its kind. It is the first to be VMware-aware, the first to disable the built-in malware protection program of OS X, and the first to propagate via exploits. In terms of sophistication, it is stealthy to inject its code into processes of browsers. This paper will present a technical analysis of the Flashback malware family.



VB Conferences
VBConnect

VB2016 (Denver)

VB2015 (Prague)

VB2014 (Seattle)

VB2013 (Berlin)

VB2012 (Dallas)

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)


‘I would like to thank you for hosting such an educational, informative, and entertaining conference.’


Advertisement
Jobs Recruit Sidebar