If you need proof that Apple, the company known for its airtight security, can be at risk, read this post to the end.
Dubbed Silver Sparrow by researchers from Red Canary, the recently discovered strain had, as of Feb 17th, infected almost 29,139 macOS endpoints across 153 countries. This includes machines running Apple's first in-house silicon, the Apple M1 chip, along with the Mac Mini desktop and the latest version of Apple's laptops.
The malware comes in two versions, so that it can infect both Intel-based Macs and the latest M1 Macs, but it is not the first to target M1 architecture machines. Just a few weeks before this strain was discovered, a researcher named Patrick Wardle also reported a threat targeting the latest M1 ARM chip.
However, there's a silver lining: the malicious software was discovered before it could cause any harm, and it has not harmed any machines.
In addition to this, Red Canary’s Tony Lambert writes:
“…the ultimate goal of this malware is a mystery. We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution. Based on data shared with us by Malwarebytes, the nearly 30,000 affected hosts have not downloaded what would be the next or final payload.”
Seeing this, we can say that Mac machines are no longer secure and, just like Windows machines, they too can be infected. Silver Sparrow also shows Mac users facing an unprecedented number of threats.
Who detected the strain?
Wes Hurd and Jason Killam, detection engineers from Red Canary, came across this strain through its use of a LaunchAgent and found it sitting on a Mac, waiting for a command from its operators.
https://twitter.com/redcanary/status/1363978994178289665
This has left researchers stumped as the purpose of this malware is unclear.
However, if you think that's good news, let me correct you. According to the researchers, it is possible that the malware can detect when researchers are analyzing it and is therefore not delivering the second payload.
Moreover, how Silver Sparrow spreads is still unclear.
Warning: The number of infected devices shows how serious the threat is and how much worse it could become. So be wary of such threats and avoid downloading content from unknown sites and senders.
What’s the Big Deal?
The way this downloader uses JavaScript for execution has never been encountered in other macOS malware, and it is also notable for being compiled to target Apple's new M1 ARM64 architecture.
How many systems have been infected by Silver Sparrow?
Silver Sparrow had infected 29,139 macOS endpoints across 153 countries including the United States, the United Kingdom, Canada, France, and Germany.
What action did Apple take?
After learning about the Silver Sparrow malware and how it infected Mac machines, Apple revoked the developer's license that was allowing the virus to spread. In addition, the company says new machines can no longer be infected.
To learn how Silver Sparrow works, you can read the detailed blog post by Red Canary.
How does the Silver Sparrow get installed?
The malware is said to leverage the macOS Installer JavaScript, but how it gets installed is still unclear.
What can you do now?
All hope is not lost in the face of these digital threats.
To stay protected against cyber threats, it is suggested that you install a malware protection tool that detects both the latest and older threats. For this, you can use Systweak Anti-Malware, a malware protection tool designed for Mac machines that scans the machine for threats and quarantines them.