./senua -v | The SWIFTly Sneaky Reddit Command and Control

Presented at THOTCON 0xB (2021) Rescheduled, Oct. 8, 2021, 4 p.m. (50 minutes)

Command and control is an essential part of system compromise. The traditional methods are cool but let's change it up! Why not use Reddit for your command and control like other APTs? And why not pair that with a custom Mac Swift application to challenge the thought of "Macs are more secure"? This talk will show a deep dive into the Swift coding language and how the Senua application uses Swift and API calls to its advantage. This includes code examples and methods used to minimize artifacts to further hide the true intentions of the application.

Presenters:

• Anxious Rabbit
  Zach is a fan of modern coding languages and is a hobbiest researcher who likes granulated sugar on pancakes.

Similar Presentations:

• DeepSec 2018 „I like to mov &6974,%bx“ / The Swift Language from a Reverse Engineering Perspective
• DerbyCon 9.0 Finish Line (2019) / Bypassing MacOS Detections With Swift
• Shakacon VIII (2016) / Swift Reversing