New macOS malware discovered, but threat remains unknown

Joe White

Posts: 61   +0
Staff
In a nutshell: A mysterious piece of macOS malware has been discovered by security researchers. The malware is thought to affect some 30,000 Macs around the world, including Apple’s newer M1-powered computers. The malware forces affected Macs to check a control server once an hour, but the actual threat posed to users is so far a mystery.

The malware—identified by Red Canary researchers—has been found in 153 countries, with concentrations in the United States, the United Kingdom, Canada, France, and Germany. According to the researchers, Silver Sparrow, as they're calling this security threat is mysterious: so far, it simply forces affected computers to check a server once an hour, but that doesn’t mean there’s no potential risk.

Red Canary explains, “though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest it's a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice.”

For that reason, the researchers are sharing everything they know about the Silver Sparrow before things get dangerous. Other than its oddly dormant state, the novelty of the malware also arises from its use of the macOS Installer JavaScript API to execute commands.

When installed on an Intel-based Mac, users will see a blank window displaying a “Hello, World!” message. On M1-powered Macs, you’ll instead see a red window reading, “You did it!”

While Apple’s macOS platform has historically been lauded as virus-free, we’re seeing more and more pieces of malware targeting Macs—a rise due, at least in part, to the platform's growing user base.

Permalink to story.

 

candle_86

Posts: 729   +730
Look at that, to bad mac doesn't have built in anti virus, guess they could stand to learn from Microsoft how to make an os.
 

ypsylon

Posts: 349   +270
Well assuming that this worm is incapable of circumventing T2 chip security enclave it's impact should be relatively low. It's good they share this before it gets serious. Question is how that piece of malware found it's way into the systems. Was that pr0n watching, stupid employee opening attachment he/she shouldn't have or something else. Hardly possible to be propagated by browsing harmless websites.

Yes I know most Windows users who never had any prolonged exposure to the ecosystem + Apple sheeps (which defend Apple no matter what crap they are served) always like to boast about Mac malware free ecosystem. It's just fairytale of course. No system is malware free and its quite daft that Apple didn't addressed this for long time. Difference is, MacOS is much less popular and much, much more secure system than Windows ever will be - unless you're totally paranoid Windows user. Wait that's oxymoron. If you're that paranoid then surely you don't use Windows anyway. ;P
 

Nobina

Posts: 3,046   +2,842
Every OS has exploits. I don't know what's worse, the ones that are known or the ones that are yet to be discovered which might be known to hackers but not to the public.
 

Danny101

Posts: 1,639   +702
Nothing is ever completely safe and secure. All you can do is practice risk reduction and updated on the latest threats.
 

candle_86

Posts: 729   +730
Is no security at all, if we were to quote CompTIA.

Yep, that's why legacy systems used for research or industrial machinery are kept off network or segmented. Just because it's unlikely your windows 3.1 system running a microscope you can't afford to replace is unlikely to ever be infected smart people avoid the risk, apple are not smart people, their stance on it security is akin to leaving your keys in the ignition with your windows rolled down in downtown, sure it may not be stolen, but it's just as likely it will.
 

terzaerian

Posts: 904   +1,293
Macs have built-in Antivirus. Ignorance is not a virtue.
Allegedly, the architecture of Apple's M1 chips make it more difficult for virus scanners of all stripes to accurately detect or remove certain viruses.


Optimistically, antivirus manufacturers will be able to compensate as they get more familiar with M1 chips, but the alternative is they may never be able to, intrinsically, which would be some omegalul material.
 

veLa

Posts: 1,095   +702
Yeah, Windows Defender is the poster child of the security industry LOL

Where I work, corporate IT has made the decision to switch all locations from Malwarebytes and Symantec Endpoint Protection to Microsoft Defender.