When it comes to security risks, especially malware, Mac OS X has the questionable reputation of being inherently safe. While there is a substantial body of research and implementations dealing with malware on Windows and, more recently, Android systems, Mac OS X has received little attention so far. To amend this shortcoming, we built a Mac OS X based high-interaction honeypot and used it to evaluate over 6,000 blacklisted URLs to estimate how widespread malware for Mac OS X is today. We further built a dynamic analysis environment and analyzed 148 malicious samples to gain insight into the current state of Mac OS X malware. To the best of our knowledge, we are the first to tackle this task.
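% Conference paper on Mac OS X malware: a high-interaction honeypot evaluation of
% blacklisted URLs plus dynamic analysis of malicious samples (see abstract text).
% The title is single-braced with only the proper noun protected, so the
% bibliography style can apply its own casing. The month uses the standard
% three-letter macro so it renders per style and language.
% NOTE(review): address holds the conference venue as given in the original
% entry; page numbers and DOI are not recorded here -- add them if known.
@inproceedings{Lindorfer2013Take_a,
  title     = {Take a Bite - Finding the Worm in the {Apple}},
  author    = {Lindorfer, Martina and Miller, Bernhard and Neugschwandtner, Matthias and Platzer, Christian},
  booktitle = {Proceedings of the International Conference on Information, Communications and Signal Processing},
  series    = {ICICS},
  month     = dec,
  year      = {2013},
  address   = {Tainan, Taiwan},
}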