A comprehensive guide to the threats facing Apple computers and the foundational knowledge needed to become a proficient Mac malware analyst.
Defenders must fully understand how malicious software works if they hope to stay ahead of the increasingly sophisticated threats facing Apple products today. The Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious Software is a comprehensive handbook for cracking open these malicious programs and seeing what’s inside.
Discover the secrets of nation-state backdoors, destructive ransomware, and subversive cryptocurrency miners as you uncover their infection methods, persistence strategies, and insidious capabilities. Then work with and extend foundational reverse-engineering tools to extract and decrypt embedded strings, unpack protected Mach-O malware, and even reconstruct binary code. Next, using a debugger, you’ll execute the malware, instruction by instruction, to discover exactly how it operates. In the book’s final section, you’ll put these lessons into practice by analyzing a complex Mac malware specimen on your own.
You’ll learn to:
Recognize common infection vectors, persistence mechanisms, and payloads leveraged by Mac malware
Triage unknown samples in order to quickly classify them as benign or malicious
Work with static analysis tools, including disassemblers, in order to study malicious scripts and compiled binaries
Leverage dynamic analysis tools, such as monitoring tools and debuggers, to gain further insight into sophisticated threats
Quickly identify and bypass anti-analysis techniques aimed at thwarting your analysis attempts
A former NSA hacker and current leader in the field of macOS threat analysis, Patrick Wardle uses real-world examples pulled from his original research. The Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious Software is the definitive resource for battling these ever more prevalent and insidious Apple-focused threats.
From the Publisher







About the Author
Patrick Wardle is the creator of the Mac security website and tool suite Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.


About the Publisher
No Starch Press has published the finest in geek entertainment since 1994, creating both timely and timeless titles like Python Crash Course, Python for Kids, How Linux Works, and Hacking: The Art of Exploitation. An independent, San Francisco-based publishing company, No Starch Press focuses on a curated list of well-crafted books that make a difference. They publish on many topics, including computer programming, cybersecurity, operating systems, and LEGO. The titles have personality, the authors are passionate experts, and all the content goes through extensive editorial and technical reviews. Long known for its fun, fearless approach to technology, No Starch Press has earned wide support from STEM enthusiasts worldwide.
Publisher : No Starch Press
Publication date : July 12, 2022
Language : English
Print length : 328 pages
ISBN-10 : 1718501943
ISBN-13 : 978-1718501942
Item Weight : 1.35 pounds
Dimensions : 7.01 x 0.75 x 9.17 inches
Best Sellers Rank: #1,037,191 in Books; #155 in Computer Viruses; #456 in Computer Hacking; #733 in Computer Network Security
Customer Reviews: 4.7 out of 5 stars (51)


Scott –
Awesome Book
Great value and a very insightful book. The information is well written and relevant.
Joey D –
Must Read
This is an essential read for anyone interested in macOS security research. You can read it front to back or use it as a reference.
Andrew –
decent read
A decent read on macOS malware. Good rundown on presence mechanisms and anti-analysis techniques employed by macOS malware.
Matthew N. Montag –
Valuable source of ground-truth
This book is an invaluable resource for fixing mom and dad’s computer over the holidays. A Google search for “remove mac malware” is a very dark path indeed. I was able to locate the pernicious LaunchAgents and kill the malware using what I learned in Chapter 2. No sketchy “mac cleaner” downloads required.
Marq –
Great book
This is a fantastic book, I love Patrick’s work. He’s a go-to when it comes to macOS and anything Mac related.
Michael –
Very Introductory
I was hoping for a bit more depth and detail. The first two chapters are fluff that seem to be aimed at people who have never come in contact with this subject before. There is nothing particularly interesting. Good book for people who haven’t ever analyzed malware before. Otherwise full of fairly obvious stuff.
Khl –
Waste of time
Waste of time and money.
AURELIEN R. –
Very good book and very good seller. Attentive to customers. Quick response. I highly recommend.
Ash –
Awesome book! Arrived damaged and replacement sent so no harm done. Just wish I stopped receiving damaged books from Amazon. Up to 30+ now (I buy a lot of books).