Second malware for Apple M1 Macs found with self destruct abilities | HT Tech

Second malware for Apple M1 Macs found with self destruct abilities

But good news for Apple users, the company has revoked the developer certificate for both bystander binary files.

By: HT TECH
| Updated on: Feb 22 2021, 12:28 IST
MacBook.
MacBook. (Unsplash)

It looks like hackers are keen on breaching M1 Mac devices and are actively working on infecting them in different ways. A previously undetected malware is now found in almost 30,000 Macs worldwide. The number is not huge but the fact that the malware stayed inside the device undetected, does tell us how serious the issue is. The piece of malware is also said to have self-destruct abilities, which is usually found in “high-stealth operations” as reported by Ars Technica.

The report adds that researchers are yet to observe delivery of any payload on any of the infected 30,000 machines. Since there has been no payload, the ultimate goal of the malware stays unknown.

You may be interested in

LaptopsTablets
21% OFF
Acer Swift Go SFG14 41 NX KG3SI 002 Laptop
  • Pure Silver
  • 8 GB RAM
  • 512 GB SSD
41% OFF
Acer Aspire 5 A515 57G Laptop
  • Gray
  • 16 GB RAM
  • 512 GB SSD
40% OFF
Asus VivoBook 15 X515JA BQ322WS Laptop
  • Transparent Silver
  • 8 GB RAM
  • 512 GB SSD

What's more worrying is the fact that this malware, which stayed undetected, is found in the new M1-based MacBooks. This also marks it as the second known malware for M1-based macOS.

Not sure which
laptop to buy?

Also read: Apple M1-based MacBook and Mac Mini face their first malware

“The malicious binary is more mysterious still because it uses the macOS Installer JavaScript API to execute commands. That makes it hard to analyze installation package contents or the way that package uses the JavaScript commands,” states Ars Technica.

Also mentioned is that the malware in these 30,000 Macs is spread across 153 countries with major US, UK, Canada, France and Germany being the key locations where the highest cases are found.

The malware is said to use Amazon Web Services and the Akamai content delivery network for a reliable command infrastructure. It also makes blocking the servers harder. Researchers from Red Canary, the security firm that discovered this macOS malware, are calling it ‘Silver Sparrow'.

Also read: Chromebook oversold Macs in 2020: Report

“Though we haven't observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment's notice,” Red Canary researchers wrote in a blog post published on Friday. “Given these causes for concern, in the spirit of transparency, we wanted to share everything we know with the broader infosec industry sooner rather than later.”

As per the report, Silver Sparrow is said to come in two versions - one with a binary in mach-object format compiled for Intel x86_64 processors and the other Mach-O binary for the M1.

But good news for Apple users, the company has revoked the developer certificate for both bystander binary files.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 22 Feb, 12:28 IST
NEXT ARTICLE BEGINS