Presentation information

Arm’d and dangerous

Patrick Wardle (Objective-See)
live only
20:00 UTC on Day 2
THURSDAY 01 OCTOBER
Apple's new M1 systems offer a myriad of benefits ... for both macOS users, and apparently malware authors too!

In this talk we detail the first malicious programs compiled to natively target Apple Silicon (M1/arm64), focusing on methods of analysis.

We'll start with a few foundational topics, such as methods of identifying native M1 code (which will aid us when hunting for M1 malware), as well as some introductory arm64 reversing concepts.

With an uncovered corpus of malware compiled to natively run on M1, we'll spend the remainder of the talk demonstrating effective analysis techniques, including many specific to the analysis of arm64 code on macOS.

Armed with this information and these analysis techniques, you'll leave a proficient macOS M1 malware analyst!

Patrick Wardle (Objective-See)

Patrick Wardle is the founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0-days, analysing macOS malware and writing free open-source security tools to protect Mac users.
20:00 - 20:30 UTC Fri 8 Oct 2021