Malware Analysis for ARM-based Unix-like Systems

The goal of this thesis was to assess the current state of malware developed and recompiled for ARM-based Linux and macOS systems. In the thesis, the threat of malware for newer ARM-based systems is reviewed for both Linux and macOS. For analysis purposes, Ghidra was set up in a virtualised instance of macOS, run under UTM, as a secure environment. The common protection measures of macOS and Linux systems are mentioned, as are the threat of repurposed malicious code originally written for the x86 architecture and the ability of Rosetta 2 to run x86 malware. To research the malware, the source code of the Mirai botnet was reviewed as an example for Linux systems and their vulnerability to such attacks. For macOS, a sample of the GoSearch22 malware was analysed using Ghidra. In the GoSearch22 analysis, attention was drawn to its anti-debugging behaviour, as it utilised many techniques currently used to avoid research. The thesis concludes with the need to understand low-level programming and the obfuscation techniques of malicious binaries for proper malware analysis. Given the nature of the analysed malware, some protection vectors of currently used systems are mentioned as well.