Topic: Mac M1 malware : Silver Sparrow @ AskWoody

Mac M1 malware : Silver Sparrow

Posted on Alex5723 Comment on the AskWoody Lounge
Home › Forums › AskWoody support › Non-Windows operating systems › macOS › Mac M1 malware : Silver Sparrow
- This topic has 2 replies, 1 voice, and was last updated 1 week, 4 days ago.
Viewing 2 reply threads
- Author
  
  Posts
- - February 21, 2021 at 2:12 am #2344999
    
    Alex5723
    AskWoody Plus
    
    Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight
    
    Silver Sparrow is an activity cluster that includes a binary compiled to run on Apple’s new M1 chips but lacks one very important feature: a payload.
    
    Earlier this month, Red Canary detection engineers Wes Hurd and Jason Killam came across a strain of macOS malware using a LaunchAgent to establish persistence. Nothing new there. However, our investigation almost immediately revealed that this malware, whatever it was, did not exhibit the behaviors that we’ve come to expect from the usual adware that so often targets macOS systems. The novelty of this downloader arises primarily from the way it uses JavaScript for execution—something we hadn’t previously encountered in other macOS malware—and the emergence of a related binary compiled for Apple’s new M1 ARM64 architecture.
    
    ..we quickly realized that we were dealing with what appeared to be a previously undetected strain of malware…
    
    1 user thanked author for this post.
    
    rodcallen
    
    Reply | Quote
  - February 22, 2021 at 8:37 am #2345334
    
    anonymous
    Guest
    
    ? says:
    
    thank you, Alex. made the local news this morning, so it must be taking root…
    
    Reply | Quote
  - February 22, 2021 at 11:31 am #2345445
    Alex5723
    AskWoody Plus
    
    anonymous wrote:
    
    ? says:
    
    thank you, Alex. made the local news this morning, so it must be taking root…
    
    30,000 infected Macs found so far.
    
    Apple has informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected. Apple also reiterated that Red Canary found no evidence to suggest the malware has delivered a malicious payload to Macs that have already been infected..
    
    This reply was modified 1 week, 4 days ago by Alex5723.
    
    1 user thanked author for this post.
    
    rodcallen
    
    Reply | Quote
- Author
  
  Posts
Viewing 2 reply threads

Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

Reply To: Mac M1 malware : Silver Sparrow
You can use BBCodes to format your content.
Your account can't use Advanced BBCodes, they will be stripped before saving.

Cancel

Welcome to our unique respite from the madness.

It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.