Apple’s reputation has recently been shaken, though. Waves of malware known as ‘adware’ have been advancing rapidly, and now even the tech giant’s bulletproof reputation is at risk as news of recent concerns arises. Detection engineers at the security platform Red Canary have detected a potentially severe variant of malware designed to be compatible with Apple’s new M1 chip. The malware in question, named ‘Silver Sparrow’, is a new malware family targeting these chips. Silver Sparrow is the latest variant, following the release of the ‘Pirrit’ adware only a few days earlier.

The M1 Chip

It has been a good while since Apple last used its own proprietary processors. Instead, Apple has for a long time opted for Intel chips. It wasn’t until a few months ago that the company rolled out the first chip “specifically designed for Mac”. The new chips promise longer battery life, more power, and better safety. The change had been expected for a long time in the Apple computer line.

What is Silver Sparrow?

As researchers rush to prevent a new wave of malware targeting Apple’s latest hardware, they have uncovered a second malware wave affecting devices with the M1 chip. The malware in question, Silver Sparrow, belongs to a new adware family that targets both older and newer machines. Silver Sparrow has two versions: one that targets the previous Intel-based generation of Macs, as well as one that targets the new M1s. Researchers have revealed the following details about Silver Sparrow:

What Happened?

According to Red Canary, Silver Sparrow has spread rapidly, and it is reported that over 30,000 M1 Mac machines have been infected so far (although this is a rough estimate at the moment). In a recent report, Red Canary stated: “According to data provided by Malwarebytes, Silver Sparrow had infected 29,139 macOS endpoints across 153 countries as of February 17”. Additional information reveals that Silver Sparrow has hit high infection concentrations in Germany, France, Canada, the UK, and the US.

The Mystery

Researchers stated that “The ultimate goal of this malware is a mystery”, since it has not yet shown any sign of delivering ‘payloads’. A payload is the final stage of an infection, where the adware launches a program that then either steals data or has some other malicious function. Researchers are baffled by the mysterious, seemingly incomplete malware. According to Red Canary, the way Silver Sparrow spreads is possibly that “malicious search engine results direct victims to download the PKGs based on network connections from a victim’s browser shortly before download”. Further details in the report reveal that the researchers have no way of finding out the end goal of this malware, or what the creator’s “future timeline” is.

Apple’s Response

Apple’s response to these potential threats was to revoke the developer certificates in order to stop the spread of the malware. For both the earlier malware variant and the current Silver Sparrow, Apple has reportedly revoked all developer certificates.
