![]() |
MS-DEFCON 4:
There are isolated problems with current patches, but they are well-known and documented on this site.
|
-
Mac M1 malware : Silver Sparrow
Home › Forums › AskWoody support › Non-Windows operating systems › macOS › Mac M1 malware : Silver Sparrow
- This topic has 2 replies, 1 voice, and was last updated 1 week, 4 days ago.
Viewing 2 reply threads-
AuthorPosts
-
-
February 21, 2021 at 2:12 am #2344999
Alex5723
AskWoody PlusClipping Silver Sparrow’s wings: Outing macOS malware before it takes flight
Silver Sparrow is an activity cluster that includes a binary compiled to run on Apple’s new M1 chips but lacks one very important feature: a payload.
Earlier this month, Red Canary detection engineers Wes Hurd and Jason Killam came across a strain of macOS malware using a LaunchAgent to establish persistence. Nothing new there. However, our investigation almost immediately revealed that this malware, whatever it was, did not exhibit the behaviors that we’ve come to expect from the usual adware that so often targets macOS systems. The novelty of this downloader arises primarily from the way it uses JavaScript for execution—something we hadn’t previously encountered in other macOS malware—and the emergence of a related binary compiled for Apple’s new M1 ARM64 architecture.
..we quickly realized that we were dealing with what appeared to be a previously undetected strain of malware…
1 user thanked author for this post.
-
February 22, 2021 at 8:37 am #2345334
-
February 22, 2021 at 11:31 am #2345445
Alex5723
AskWoody Plus? says:
thank you, Alex. made the local news this morning, so it must be taking root…
30,000 infected Macs found so far.
Apple has informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected. Apple also reiterated that Red Canary found no evidence to suggest the malware has delivered a malicious payload to Macs that have already been infected..
-
This reply was modified 1 week, 4 days ago by
Alex5723.
1 user thanked author for this post.
-
This reply was modified 1 week, 4 days ago by
-
-
AuthorPosts
Viewing 2 reply threads -
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search Newsletters
Search Forums
Recent Replies
WCHS on Tasks for the weekend – February 20, 2021 – it’s Squirrel away time
10 minutes agoanonymous on Getting ready for upgrade to 20H2
51 minutes agoanonymous on Getting ready for upgrade to 20H2
52 minutes agoSusan Bradley on Do you still patch on premises Exchange servers?
1 hour, Just nowanonymous on kb4601319 strange issue after updating
1 hour, 8 minutes agoTom on Do you still patch on premises Exchange servers?
2 hours, 45 minutes agompw on Getting ready for upgrade to 20H2
3 hours, 7 minutes agoBob99 on Getting ready for upgrade to 20H2
3 hours, 25 minutes agoBob99 on MS-DEFCON 4 – February updates trigger few issues
3 hours, 40 minutes agoMatador on MS-DEFCON 4 – February updates trigger few issues
4 hours, Just nowmpw on Getting ready for upgrade to 20H2
4 hours, Just nowSusan Bradley on Microsoft Security Response Center
4 hours, 9 minutes agoanonymous on 117 patches for GRUB2
4 hours, 11 minutes agoBob99 on MS-DEFCON 4 – February updates trigger few issues
4 hours, 16 minutes agoBob99 on ‘System’ reports high CPU
4 hours, 40 minutes agokrism on Getting ready for upgrade to 20H2
4 hours, 47 minutes agoareader on Free-form database wanted
6 hours, 35 minutes ago280park on MS-DEFCON 4 – February updates trigger few issues
7 hours, 7 minutes agokrism on Battery, Power Management Questions
7 hours, 16 minutes agompw on Getting ready for upgrade to 20H2
7 hours, 38 minutes agob on Do you still patch on premises Exchange servers?
7 hours, 44 minutes agodg1261 on Free-form database wanted
7 hours, 59 minutes agoCasey H on Find & Replace
8 hours, 4 minutes agoareader on Free-form database wanted
8 hours, 7 minutes agoJohn on ‘System’ reports high CPU
8 hours, 8 minutes agompw on Annual dates do not display in outlook calendar
8 hours, 9 minutes agoPaulK on Free-form database wanted
8 hours, 16 minutes agoCasey H on Find & Replace
8 hours, 19 minutes agoCharlie on 117 patches for GRUB2
8 hours, 22 minutes agoLHiggins on Battery, Power Management Questions
8 hours, 28 minutes ago
Recent Topics
-
At Least 30,000 U.S. Organizations Newly Hacked Via Microsoft’s Email Software
24 minutes ago
-
Telemetry
55 minutes ago
-
Microsoft Security Response Center
4 hours, 9 minutes ago
-
SRU and SRUDB
11 hours, 36 minutes ago
-
‘System’ reports high CPU
4 hours, 40 minutes ago
-
AI generated play
17 hours, 11 minutes ago
-
Square buying streaming music service Tidal
20 hours, 21 minutes ago
-
LibreOffice updates.
18 hours, 51 minutes ago
-
Free-form database wanted
6 hours, 35 minutes ago
-
LinkedIn will stop collecting IDFA data on iOS
11 hours, 2 minutes ago
-
February Update 20H2 – Telemetry changes
9 hours, 3 minutes ago
-
KB4603002 – Feb 2021 Patch for .Net Framework.
1 day, 14 hours ago
-
reboot takes forever, normal boot from off is quick
12 hours, 4 minutes ago
-
Windows 10 Insider Preview build 21327 released to DEV Channel
2 days, 3 hours ago
-
Using IFS function and BETWEEN condition
2 days, 5 hours ago
-
OS upgrade
1 day, 22 hours ago
-
Microsoft.Windows.Remediation failed to start
13 hours, 26 minutes ago
-
117 patches for GRUB2
4 hours, 11 minutes ago
-
Google says it will stop selling ads based on people’s browsing histories
2 days, 7 hours ago
-
Stuck updates
1 day, 16 hours ago
-
Battery, Power Management Questions
7 hours, 16 minutes ago
-
Avatar
1 day, 19 hours ago
-
Apple may disable Rosetta 2 on M1 in some regions
2 days, 22 hours ago
-
March 2021 Office non-Security Updates are now available
1 day, 2 hours ago
-
Windows 10 clean install
2 days, 4 hours ago
-
Do you still patch on premises Exchange servers?
1 hour ago
-
Files appearing in Recycle Bin Windows 10 version 1909
2 days, 17 hours ago
-
Outlook won’t open (or any app withing Office 2019 professional plus
2 days, 13 hours ago
-
The Perseverance rover runs on processors used in iMacs in the 1990s
2 days, 7 hours ago
-
UEFI
3 days, 11 hours ago
Search for Topics
Recent blog posts
- March 2021 Office non-Security Updates are now available
- Do you still patch on premises Exchange servers?
- “Stuttering” glitch on a brand-new PC
- Here’s looking at you, kid: the child-cam scam
- The best things in life are copyrighted
- Using Microsoft OneDrive on your Android device
- MS-DEFCON 4 – February updates trigger few issues
- Temporarily putting the site in maintenance mode
Key Links
Copyright © 2004 – 2021 AskWoody Tech LLC. All rights reserved.