Deep dive into MacSync Stealer (UserSyncWorker variant), a MaaS infostealer featuring Gatekeeper bypass via notarized Swift dropper, code signature validation, and multi-layer payload obfuscation
Posts for: #Reverse Engineering
DeerStealer’s Qihoo 360 Trojan Horse
Deep dive into DeerStealer’s weaponization of legitimately signed Qihoo 360 Safe components for persistence and privilege escalation