While Mac systems have historically been ignored during targeted attacks, within the last year these attacks have leveraged a number of new rootkit techniques. The malware found during these attacks have employed advanced capabilities that often require deep memory forensics to detect and uncover. In this presentation, we will use Volatility to analyze the most advanced Mac malware to date.