roll-your-own

A collection of 17 posts
Detecting Wirelurker Malware
shell-scripts

[UPDATE] It appears the command-and-control infrastructure has been neutralized [http://threatpost.com/wirelurker-mac-os-x-malware-shut-down/109204]. Palo Alto has already written a script [https://github.com/PaloAltoNetworks-BD/WireLurkerDetector/blob/master/WireLurkerDetectorOSX.py] that will detect the Wirelurker malware [http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-new-era-os-x-ios-malware/]. It basically scans for the
Roll-your-own Protection From A New Malware Called XSLCmd
malware

A nasty piece of malware [http://www.fireeye.com/blog/technical/malware-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html] on OS X is XSLCmd [http://www.macworld.com/article/2603440/cyberespionage-group-starts-using-new-mac-os-x-backdoor-program.html#tk.rss_all]. Using a neat trick [https://jacobsalmela.com/roll-your-own-malware-detection/], you can get alerted if your computer gets infected. This
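Both excerpts above boil down to the same idea: keep a list of indicator paths for a known piece of malware, check whether any of them exist on the machine, and raise an alert when one does. The script below is an added example of that pattern, not the Palo Alto WireLurkerDetector script and not the technique from the linked roll-your-own post. The indicator paths (`com.example.suspicious.plist`, `example-dropper`) and the scan root are constructed placeholders for the demo, not real indicators for Wirelurker or XSLCmd; swap in the indicators from the vendor write-up you trust and point the root at `/`.

```shell
#!/bin/sh
# Added example: a minimal "roll-your-own" indicator scanner in POSIX sh.
# Not the Palo Alto WireLurkerDetector and not the linked post's technique.
# Every path and indicator below is constructed for the demo; none are real IOCs.

# Constructed demo tree standing in for "/" on the machine being checked.
DEMO_ROOT="$(mktemp -d)"
mkdir -p "$DEMO_ROOT/Library/LaunchDaemons"
: > "$DEMO_ROOT/Library/LaunchDaemons/com.example.suspicious.plist"   # present
# "$DEMO_ROOT/usr/local/bin/example-dropper" is deliberately NOT created,
# so one indicator hits and one misses.

# Constructed indicator list: one path per line relative to the scan root;
# blank lines and '#' comments are ignored.
IND_LIST="$DEMO_ROOT/indicators.txt"
cat > "$IND_LIST" <<'EOF'
# hypothetical indicators for the demo
Library/LaunchDaemons/com.example.suspicious.plist
usr/local/bin/example-dropper
EOF

# count_indicators ROOT LIST
#   Prints the number of listed paths that exist under ROOT on stdout, and
#   each hit on stderr so it shows up in cron/launchd mail or a log.
count_indicators() {
    root="$1"; list="$2"; hits=0
    while IFS= read -r rel || [ -n "$rel" ]; do
        case "$rel" in ''|'#'*) continue ;; esac
        if [ -e "$root/$rel" ]; then
            printf 'FOUND: %s\n' "$root/$rel" >&2
            hits=$((hits + 1))
        fi
    done < "$list"
    printf '%s\n' "$hits"
}

# is_clean ROOT LIST
#   Exit status 0 when nothing matched, 1 otherwise, so it can be used in an
#   `if` or chained with an alert command.
is_clean() {
    [ "$(count_indicators "$1" "$2")" -eq 0 ]
}

# alert MSG
#   Stand-in for whatever notification you prefer (mail, logger, or
#   osascript 'display notification' on OS X); here it writes to stderr.
alert() {
    printf 'ALERT: %s\n' "$1" >&2
}

# Run once against the demo tree. On a real box, schedule this via cron or a
# launchd plist with ROOT=/ and the vendor's indicator list.
is_clean "$DEMO_ROOT" "$IND_LIST" || alert "indicator(s) found under $DEMO_ROOT"
```

Keep the indicator list outside the script so it can be updated without touching the scheduled job, and treat a hit as a prompt to investigate rather than proof of infection: an existence check on a path is cheap and noisy by design, which is the trade-off of rolling your own instead of running a full detector.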