Welcome to the VB2021 conference!

arrow left Back

Arm’d and dangerous

20:00 - 20:30 UTC Fri 8 Oct 2021
Patrick Wardle (Objective-See)
Apple's new M1 systems offer a myriad of benefits ... for both macOS users, and apparently malware authors too!

In this talk we detail the first malicious programs compiled to natively target Apple Silicon (M1/arm64), focusing on methods of analysis.

We'll start with a few foundation topics, such as methods of identifying native M1 code (which will aid us when hunting for M1 malware), as well as some introductory arm64 reversing concepts.

With an uncovered corpus of malware compiled to natively run on M1, we'll spend the remainder of the talk demonstrating effective analysis techniques, including many specific to the analysis arm64 code on macOS.

Armed with this information and analysis techniques, you'll leave a proficient macOS M1 malware analyst!

Got a question about this presentation? During the live broadcast post your question in the #q-and-a channel on Discord or, to get in touch with the speaker later, contact Patrick on Twitter at @patrickwardle.
Patrick Wardle
Objective-See

Patrick Wardle is the founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0-days, analysing macOS malware and writing free open-source security tools to protect Mac users.