
30,000 Apple Macs ‘Silver Sparrow’ Malware | Silicon UK Tech News


Red Canary security researchers warn that up to 30,000 Apple Mac computers are infected with ‘Silver Sparrow’ malware that has no known goal

Apple computers are at the centre of a rare malware alert, with nearly 30,000 Macs reportedly infected with a mysterious piece of code.

This is the warning from ‘detection engineers’ Wes Hurd and Jason Killam at Red Canary. Earlier this month they had come across “a strain of macOS malware using a LaunchAgent to establish persistence.”

Malware on Macs is less common than infections of Windows-based PCs, but it does happen. In 2019, for example, Trend Micro warned of a malware variant that made use of legitimate share-trading software to invade Mac users’ systems.


Silver Sparrow

Last week security researcher Patrick Wardle warned that malware is now being redesigned in order to target Mac computers running Apple’s M1 processor.

And this seems to be the case, after Red Canary this week called this latest malware discovery on Macs “Silver Sparrow.”

What is puzzling is that the researchers said it is not clear what the goal of the Silver Sparrow malware is, as it has not delivered “malicious payloads” — essentially, harmful actions against a device.

“However, our investigation almost immediately revealed that this malware, whatever it was, did not exhibit the behaviours that we’ve come to expect from the usual adware that so often targets macOS systems,” blogged Red Canary.

Yet it is clear Silver Sparrow is malware, as it contains a self-destruct mechanism that appears to have not been used.

It is also not clear at this stage what would trigger that self-destruct function, or how the malware found its way onto the infected Macs, but the researchers speculated it may have been through malicious search results.

The researchers found that Silver Sparrow contains code that runs natively on Apple’s in-house M1 chip that was released in November, making it only the second known malware to do so.

“According to data provided by Malwarebytes, Silver Sparrow had infected 29,139 macOS endpoints across 153 countries as of February 17, including high volumes of detection in the United States, the United Kingdom, Canada, France, and Germany,” wrote Red Canary.

Unknown goal

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” it added.

“Given these causes for concern, in the spirit of transparency, we wanted to share everything we know with the broader infosec industry sooner rather than later,” the firm wrote.

Apple has reportedly revoked the developer certificates used by the malware, in an effort to prevent any future infections.

Revoking the developer certificates also reportedly creates barriers that make it harder for any existing infections to take additional actions.


