How Formbook became XLoader and migrated to macOS

Botconf 2022
2023-04-23 | 14:45 – 15:15

Alexey Bukhteyev 🗣 | Raman Ladutska 🗣

In this talk we analyze the prevalent malware family Formbook and its successor XLoader from different angles, covering both the OSINT and the technical sides. XLoader is a logical step in Formbook’s evolution: it is now able to target not only Windows but macOS as well.

Our aim is to help listeners understand how the malware reached the top of prevalence lists, which approaches and tools to use for analyzing this and other cases, and how to stay protected from this threat.

