Saturday, 10 December 2016

OS162 Review2 Writing Bad @$$ Malware for OS X
Hello everyone, I am Benediktus Giovanito Antaputra. In this post I would like to review a video available on YouTube entitled "Writing Bad @$$ Malware for OS X". This video was published in December 2015 by an account named Red Hat (the speaker in the video is Patrick Wardle). The duration of the video is 51 minutes and 38 seconds, and the URL is https://www.youtube.com/watch?v=fv4l9yAL2sU. Patrick Wardle himself is the Director of Research at Synack, a company focusing on security assessment.

The video begins with Patrick explaining several known OS X malware samples such as iWorm, XSLCmd, and WireLurker (though firmware/kernel-mode malware is not covered in the video), as well as the reason why people should be concerned about Apple's so-called prevalent security. He adds that, by his assessment, the malware is sufficient but lacks elegance in its programming and is very easy to detect, as most of the source code is unable to handle antivirus countermeasures. He then goes on to describe how one would infect a Mac by means of downloading software over HTTP.

After that, he recommends several more viable ways than the ones the malware has been using to survive countermeasures once the user is aware of the malware. Several persistence methods he mentions are binary infection, load-time process infection, and dylib hijacking. He also points out faults in the OS X loader that a hacker can exploit to infect the PC. Having pointed out the faults of the loader, he goes on to suggest several ways in which the malware can be improved, namely by adding self-defense characteristics. Also included are his preferred methods for the malware to defend itself, namely encryption and hiding. The video draws to an end as he mentions several other methods of bypassing pre-installed OS X security software.

Although I am a non-Apple user, this video is interesting and very educative for several reasons. It opens the viewers' eyes to the fact that even if Apple-based malware is much rarer than Windows malware, this does not guarantee Apple's competence in securing its OS. The speaker himself, in my opinion, is able to express his views on the subject of OS X malware with obvious expertise and finesse. The various 'solutions' he offers, for example, to infect an OS X PC clearly show that he has given much thought, as well as experimentation, to the matter. The level of professionalism, in conclusion, is what makes the video so enjoyable.

My GitHub account: TheCelVanBi
The URL of this review: http://awdictas.blogspot.com/2016/12/os162-review2-writing-bad-malware-for.html
The URL of the video: https://www.youtube.com/watch?v=fv4l9yAL2sU
The duration of the video: 51 minutes 38 seconds
Date of first and last submission: 10 December 2016
