Apple steps up fight against Silver Sparrow malware that targets M1 Macs


The first wave of malware written specifically for Apple Silicon Macs is starting to appear. And Apple’s already playing Whac-A-Mole to try and stop it.

The malware in question, called “Silver Sparrow,” is reportedly a malicious package that can exploit a vulnerability in the macOS Installer JavaScript API as a way to execute dodgy commands. While it remains unclear how big of a threat Silver Sparrow poses, Apple nonetheless took steps to stop its spread.

The security professionals at Red Canary discovered the Silver Sparrow malware. They say it has already infected more than 29,000 machines in 153 countries. However, at the moment, they have no idea what it does because it lacks a ‘payload.’

“Silver Sparrow is an activity cluster that includes a binary compiled to run on Apple’s new M1 chips but lacks one very important feature: a payload,” Red Canary wrote in a blog post about Silver Sparrow.

That lack of payload means the malware remains something of a mystery in terms of the harm it could potentially cause. Still, Apple’s not taking any chances. According to MacRumors, Apple revoked the certificates of developer accounts used to sign the packages. This should stop the malware from delivering malicious payloads to Macs already infected.

Not the first Apple Silicon malware

This isn’t the first bit of M1 malware aimed at the M-series Mac chips that we’ve covered. Last week, security researcher Patrick Wardle published details regarding a Safari adware extension called GoSearch22. While this wasn’t created for M1 Macs, it has been optimized to run on them. The adware delivers unwanted ads, collects browser data, and modifies browser settings.

As with Silver Sparrow, this doesn’t appear to represent a massive security risk — at least for now. Nonetheless, it shows that hackers are now targeting the M1 for nefarious purposes. As Macs continue to grow in popularity, this will only get worse.