Over 30,000 Apple Macs have been infected with a high-stealth malware, and the company has no idea why
Security researchers have discovered a mysterious malware on nearly 30,000 Apple Macs and they have no idea what this is for and how is this virus going to infected the devices.
The malware named ‘Silver Sparrow’ comes with a mechanism to self-destruct itself, a capability that’s typically reserved for high-stealth operations.
“So far, though, there are no signs the self-destruct feature has been used, raising the question of why the mechanism exists,” Ars Technica first reported about the presence of malware citing security researchers.
The lack of a final payload suggests that the malware may spring into action anytime.
The malware has been found in 153 countries with heavy detection reported in the US, the UK, Canada, France and Germany.
Silver Sparrow is an activity cluster that includes a binary compiled to run on Apple’s new M1 chips but lacks one very important feature: a payload.
“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat,” according to researchers from cyber security firm Red Canary.
The malware is uniquely positioned to deliver a potentially impactful payload at a moment’s notice.
Silver Sparrow comes in two versions one with a binary in mach-object format compiled for Intel x86_64 processors and the other Mach-O binary for the M1.
Researchers have earlier warned that Apple’s transition from Intel to its own silicon M1 chip may make it easy for hackers to introduce malware.
“To me, the most notable [thing] is that it was found on almost 30K macOS endpoints… and these are only endpoints the MalwareBytes can see, so the number is likely way higher,” said Patrick Wardle, a macOS security expert.