Who’s Breaking into Your Garden? iOS and OS X Malware You May or May Not Know

Presented at BSidesSF 2016, Feb. 28, 2016, 2 p.m. (55 minutes)

Apple platforms were long thought to be far removed from the malware problem, until at least 21 and 27 new malware or adware families on iOS and OS X were discovered in the past two years. Some of these have led to the theft of hundreds of thousands of passwords (KeyRaider) or hundreds of millions of infections worldwide (XcodeGhost). This talk will discuss the primary spreading and attack techniques used by these real-world malware families, as well as their common characteristics, and identify trends around these topics. The security industry can use this information to build more effective solutions to detect and defeat similar threats in the near future. We will discuss case studies on: attacking non-jailbroken iOS devices, bypassing App Store code review, infecting compilers and libraries, escalating privileges or executing code remotely via zero-day vulnerabilities, attacking specific targets via commercial or customized spyware, attacking multiple platforms or crossing platforms, making a profit from advertisers by stealing revenue, and hunting Apple IDs for various evil purposes.


Presenters:

  • Claud Xiao - Principal Security Researcher - Palo Alto Networks
    Claud Xiao (@claud_xiao) is a principal security researcher at Palo Alto Networks, where he works on advanced malware research and builds antivirus services for OS X, iOS and Android. Prior to joining Palo Alto Networks, he was a senior researcher at Qihoo and a senior researcher at Antiy Labs. In recent years, he has revealed some interesting malware and attacks, including WireLurker, KeyRaider, XcodeGhost, and YiSpecter, which have led to widespread conversations and rethinking of the Apple ecosystem's security and malware problem.
