In this talk we analyze a prevalent malware family Formbook and its successor XLoader from different angles, including OSINT and technical sides. XLoader is a logical step in Formbook’s evolution, it is now able to target not only Windows but macOS as well.

Our aim is to help the listeners understand how the malware topped up prevalence lists, which approaches and tools to use for the analysis of this and other cases and how to stay protected from this threat.