Apple has moved to squash the threat of another new malware strain threatening its own-brand M1 Mac silicon devices.
The malware, dubbed “Silver Sparrow” by researchers at security firm Red Canary, was thought to have already infected around 30,000 Apple M1 Macs, as well as targeting some earlier Intel-powered Macs too.
However Apple has now stepped in and revoked certificates for developer accounts used by the malware’s creator to help deliver the malware packages onto victim devices – effectively stopping any new devices from being infected.
Apple attack
The company told AppleInsider that it had acted to reduce any further spread of the malware by revoking these certificates, and that it looks to issue regular software updates to stop its devices being infected.
Silver Sparrow was the second identified M1 Mac malware in a matter of weeks, after an earlier threat was also uncovered recently – although this was found to be fairly standard adware.
Red Canary had estimated that Silver Sparrow infected about 30,000 macOS computers in over 150 countries. It was flagged as particularlt novel for the way it used JavaScript for execution—something the company said it hadn’t previously encountered in other macOS malware
The malware calls a command and control server every hour from the infected machine to check for further instructions. Till now the researchers haven’t noticed the malware downloading any malicious payloads, which adds to the mystery of the malware’s true intent.
Via: AppleInsider