New research by Patrick Wardle, a Mac security researcher at Jamf, shows that it is relatively easy for skilled threat actors to repurpose known malware and to make sure that signature-based security solutions will no longer detect it.
While writing powerful malware from scratch is a significant undertaking, it is far easier for attackers to reverse-engineer existing malware and then make adjustments in the code to change its functionality and add obfuscation techniques. Wardle was able to repurpose various prominent examples of Mac malware, including backdoors, cryptocurrency miners and ransomware. He says that his research underscores the importance of detecting threats based on behavior rather than signatures.
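The contrast Wardle draws between signature-based and behavior-based detection can be shown in a few lines. The following is an added illustration, not code from the research or from any product: a hash signature over a constructed stand-in "sample" stops matching after a single byte of padding is appended, while a behavioral rule that looks at what the process does (here, writing a LaunchAgent for persistence plus making an outbound connection, both drawn from constructed event records) keeps flagging the repackaged variant. The sample bytes, event records and rule are assumptions made up for this example.

```python
import hashlib

# Constructed stand-in for a known sample's bytes (not real malware).
KNOWN_SAMPLE = b"\x7fELF-toy-backdoor-v1\x00connect-back-and-persist"
KNOWN_SHA256 = hashlib.sha256(KNOWN_SAMPLE).hexdigest()


def signature_match(blob: bytes) -> bool:
    """Hash-based signature: fires only on a byte-for-byte identical file."""
    return hashlib.sha256(blob).hexdigest() == KNOWN_SHA256


def repackage(blob: bytes) -> bytes:
    """Stand-in for 'adjust the code': appending one byte changes the hash."""
    return blob + b"\x00"


# Behavioral rule (assumed for this example): a process that both installs a
# LaunchAgent for persistence and opens an outbound connection is flagged.
SUSPICIOUS_BEHAVIOURS = {"persist:launch_agent", "network:outbound"}


def behaviour_match(events: list[dict]) -> bool:
    """Behavior-based detection over (category, action) event records."""
    seen = {f"{e['category']}:{e['action']}" for e in events}
    return SUSPICIOUS_BEHAVIOURS <= seen


# Constructed event records for the original sample, the repackaged variant
# (same behavior, different bytes) and a benign app that only uses the network.
EVENTS_ORIGINAL = [
    {"process": "toy-backdoor", "category": "persist", "action": "launch_agent",
     "target": "~/Library/LaunchAgents/com.example.toy.plist"},
    {"process": "toy-backdoor", "category": "network", "action": "outbound",
     "target": "203.0.113.10:443"},
]
EVENTS_REPACKAGED = [dict(e, process="toy-backdoor-v2") for e in EVENTS_ORIGINAL]
EVENTS_BENIGN = [
    {"process": "browser", "category": "network", "action": "outbound",
     "target": "198.51.100.5:443"},
]


def compare_detections() -> dict:
    """Summarise which detector catches which variant."""
    return {
        "signature_original": signature_match(KNOWN_SAMPLE),
        "signature_repackaged": signature_match(repackage(KNOWN_SAMPLE)),
        "behaviour_original": behaviour_match(EVENTS_ORIGINAL),
        "behaviour_repackaged": behaviour_match(EVENTS_REPACKAGED),
        "behaviour_benign": behaviour_match(EVENTS_BENIGN),
    }


if __name__ == "__main__":
    for name, hit in compare_detections().items():
        print(f"{name:24} {'DETECTED' if hit else 'missed'}")
```

The behavioral rule is deliberately narrow so that a benign networked application does not trip it; in practice such rules are tuned against baseline telemetry from the fleet, and the point of the example is only that they key on actions the repurposed code still has to perform, not on bytes an attacker can freely change.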
Read more: Repurposing Mac Malware Not Difficult, Researcher Shows