Silver Sparrow Malware Infects 30K Macs

Apple has always been thought of as relatively secure than other computer systems. However, one of the latest security incidents to plague the company is attackers infecting malware onto 30,000 Macs, reported Ars Technica.

The latest threat released by attackers has targeted Apple’s new M1 ARM Macs. Ars Technica states that this is only the second malware to run on the newly introduced M1 chip since Apple unveiled its new product line to the public last November 2020.

In a report released by Ars Technica, the malware, called the Silver Sparrow, was initially discovered by security researcher Red Canary.

Silver Sparrow Malware Infects Macs

When explaining the strain, Tony Lambert of Red Canary said the malware “did not exhibit the behaviours that we’ve come to expect from the usual adware that so often targets macOS systems. The novelty of this downloader arises primarily from the way it uses JavaScript for execution – something we hadn’t previously encountered in other macOS malware.”

What Red Canary understands about this threat is it uses a LaunchAgent to establish persistence. The engineers who identified this threat, Wes Hurd and Jason Killam, noted that it does not exhibit behaviours commonly associated with macOS adware.

While the security researchers have yet to determine what the malware can do and the extent of the damage it can bring, the Silver Sparrow malware was designed to “deliver a potentially impactful payload at a moment’s notice.”

Based on the findings of the security researcher, the threat has now infected around 29,139 Macs across 153 countries. Most of the systems infected came from the United States, Canada, France, Germany, and the United Kingdom.

The team has not noticed Silver Sparrow delivering malicious activities as of writing. However, it is worth noting that it is compatible with the M1 chip, has a global reach, has a high infection rate, and exhibits operational maturity.

This could mean that the virus can be a grave threat, as it has been positioned to deliver a serious payload at any moment. It is also important to remember that the M1 ARM64 has only been released recently and security researchers have found very few threats.

A comment by an anonymous spokesperson from Apple said that the tech company immediately revoked developer certificates upon learning of Silver Sparrow. They also noted that no evidence of a malicious payload has been reported.

Lastly, the spokesperson commented that Apple incorporated hardware and software protections and updates.