Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore how Apple's on-device AI frameworks can be exploited for offensive cybersecurity operations in this technical conference talk from Black Hat. Discover how CoreML, Vision, and AVFoundation frameworks, designed for automation and media processing, create a stealthy attack surface enabling payload execution, covert data exchange, and AI-assisted command and control operations. Learn about MLArc, a groundbreaking CoreML-based C2 framework that abuses Apple's AI processing pipeline for payload embedding, execution, and real-time attacker communication through machine learning models, image processing APIs, and native macOS AI features. Examine how Apple's AI frameworks can enhance existing C2 systems like Mythic, providing stealthy AI-assisted payload delivery and persistence through CoreML for embedding encrypted shellcode in AI models, Vision for concealing payloads in AI-processed images, and AVFoundation for hiding payloads in high-frequency audio files using steganographic techniques. Witness live demonstrations of MLArc establishing fileless, stealthy C2 channels that evade traditional security measures, representing the first public disclosure of Apple AI-assisted payload execution and AI-driven command and control on macOS, revealing new offensive tradecraft that weaponizes Apple's AI infrastructure for adversarial operations.
