Reversing at Scale: AI-Powered Malware Detection for Apple’s Binaries

ID: 44eaf7ea-997f-5079-95f0-5ee482f19faa

STIX ID: report--44eaf7ea-997f-5079-95f0-5ee482f19faa

Feed Name: VirusTotal Blog

Threat Score: 70/100

Date Published: 2025-11-06

Date Updated: 2026-05-01

Author: Bernardo.Quintero

VirusTotal ran its new AI-based Code Insight pipeline on 9,981 first-seen Mach-O binaries and found 164 malicious samples (versus 67 flagged by traditional AVs), surfacing nearly 100 previously undetected threats. Notable confirmed cases include a multi-stage macOS dropper that downloads and executes an AppleScript to exfiltrate local data and an iOS jailbreak tweak that uses method swizzling to display fake login prompts and exfiltrate credentials via an obfuscated Telegram Bot, while the system also identified and helped correct multiple antivirus false positives. The report demonstrates AI-assisted large-scale triage and reversing that exposes novel malware and campaign infrastructure unreachable by signature-only detection.