
Covert Cyber Warfare: Firmware-Persistent macOS Compromise and Steganographic Active Defense

Thomas Perry Jr. | SignaBuilder | 2025-02-22 | Working paper
Documents a real-world firmware-persistent macOS compromise involving steganographic command channels, firmware-level persistence mechanisms, and active defense countermeasures. Provides forensic methodology and defensive steganography techniques for incident responders.
Keywords: firmware persistence, macOS compromise, steganography, active defense, covert channels, forensic methodology, incident response

Cite

Thomas Perry Jr. "Covert Cyber Warfare: Firmware-Persistent macOS Compromise and Steganographic Active Defense." SignaBuilder, 2025-02-22. DOI: 10.5281/zenodo.18736639. Available at: https://doi.org/10.5281/zenodo.18736639

BibTeX

@article{perry2025covert,
  author    = {Perry, Thomas Jr.},
  title     = {Covert Cyber Warfare: Firmware-Persistent macOS Compromise and Steganographic Active Defense},
  year      = {2025},
  month     = {02},
  doi       = {10.5281/zenodo.18736639},
  url       = {https://doi.org/10.5281/zenodo.18736639},
  publisher = {Zenodo},
  license   = {CC-BY-4.0}
}