The Case of the Fly on the Wall

Presented at Objective by the Sea version 3.0 (2020), March 12, 2020, 5 p.m. (25 minutes).

It's not every day that we see a truly unique and interesting piece of malware on the Mac. So much Mac malware is poorly written, steals from someone else's proof-of-concept, and/or drops open-source exploit kits. But it's even more rare that we learn exactly who was behind a piece of very interesting malware, how they were identified, and see them prosecuted! This is the story of a piece of creepy spyware that was in the wild for ten years before being discovered, how it was found, and how its capabilities were identified. It is also the story of the man who allegedly created the malware, how he was caught, and the criminal case against him.

Presenters:

• Thomas Reed - Director of Mac & Mobile at Malwarebytes
  Thomas Reed has been a Mac user since 1984, and is a self-taught developer and security researcher. He is the founder of The Safe Mac and creator of the AdwareMedic adware removal tool for Macs. He is currently Director of Mac & Mobile at Malwarebytes, where he directs product development and Mac security research. His hobbies include hiking and photography, and he is happily married with four children.

Links:

• https://objectivebythesea.org/v3/content.html#tReed
• https://www.youtube.com/watch?v=qWPjCL9Cyz4
• https://objectivebythesea.org/v3/talks/OBTS_v3_tReed.pdf

Similar Presentations:

• DEF CON 18 (2010) / 0box Analyzer: AfterDark Runtime Forensics for Automated Malware Analysis and Clustering
• ekoparty 14 (2018) / To Execute or Not to Execute. How to Build a Malware Execution Lab
• Objective by the Sea version 4.0 (2021) / Mac detections by the numbers