BadUSB Attacks on MacOS - Beyond Using Terminal and Shell Commands

Explore advanced BadUSB attack techniques for MacOS systems in this conference talk from HITB2024BKK. Learn how to execute code and deploy implants without relying on terminal commands or shell scripts, using Apple-signed Live-off-the-Land binaries (LOLBINs) and native macOS scripting languages. Discover stealth-focused methodologies that minimize user environment disruption while overcoming macOS-specific challenges. Presented by Nicolas Buzy-Debat, Red Team Lead at Grab, who brings over a decade of cybersecurity expertise and achievements including wins at SICW SPIRITCYBER-2023 IoT hackathon and recognition at DEFCON Cloud Village CTF 2023.