Macintosh OSX binary malware

Marius van Oers, McAfee AVERT


With the recent appearances of OSX/Leap and OSX/Inqtana, it is clear that Macintosh users are also vulnerable to native malware. Due to the arrival of Mac OSX for Intel, the OSX user base may grow much larger than it is today and therefore also draw the attention of malware writers. OSX binary files used to follow the BSD a.out file format specification. Nowadays, the Mach-O (Mach object) file format is used for binary files. This paper focuses mainly on the current OSX binary file format structure and the possible security issues related to it.

