Security researcher Patrick Wardle has discovered what may be the first malware optimized for Apple Silicon Macs. The malware, details of which he published this week, involves a Safari adware extension called GoSearch22.
The adware delivers unwanted ads, collects browser data, and modifies browser settings. GoSearch22 is relatively low risk. However, it can result in users being redirected to certain websites or suffering an otherwise impaired browsing experience.
It was previously written for the Intel x86 architecture Apple has used dating back to 2005. However, it’s now been rewritten for Apple Silicon Macs, including the M1 chip Macs Apple debuted late last year.
“This shows that malware authors are evolving and adapting to keep up with Apple’s latest hardware and software,” Wardle told Wired. “As far as I know, this is the first time we’ve seen this.”
The same report says that the security firm Red Canary has also found a piece of native M1 malware separate to Wardle’s discovery of GoSearch22.
Optimizing software to run on the new Apple Silicon Macs is important if you want the software to run properly. For malware creators, it can also help avoid detection. Wardle found that the GoSearch22 malware was harder to detect in its optimized version than the old Intel-based version, which can be easily uncovered.
Classically, Macs suffer far less from malware than Windows PCs. However, as Macs have grown increasingly popular, a greater quantity of malware has been developed targeting Macs. Now that Macs have jumped over to Apple Silicon, it only makes sense that malware developers should start targeting those computers.