For years, certain platforms, namely Mac products, were thought to be safe from the dangers of malware and ransomware. But now, a new group of infections, headlined by one known as Silver Sparrow, has been found hiding on 30,000 Mac computers as of February 17.
A recent report from Ars Technica claims that this new macOS malware was discovered by security provider Red Canary in early 2021. According to Red Canary’s Tony Lambert, “Silver Sparrow did not exhibit the behaviors that we’ve come to expect from the usual adware that so often targets macOS systems. The novelty of this downloader arises primarily from the way it uses JavaScript for execution—something we hadn’t previously encountered in other macOS malware.”
Silver Sparrow is just the second known piece of malware capable of infecting Apple’s new M1 ARM architecture Macs. Mac computers in 153 different countries are already known to be infected, and although that number is expected to grow, most victims are in the United States, United Kingdom, Canada, France, and Germany.
One reason Silver Sparrow is so dangerous is its ability to leverage Amazon Web Services and Akamai for its command infrastructure. That makes it a very difficult infection to take down.
As of now, Mac computers that were infected with Silver Sparrow can communicate with a control server hourly to look for new commands to carry out. So far it seems that no new commands have been issued, but that can change quickly. Researchers have also discovered that Silver Sparrow comes equipped with the ability to remove itself from a system, meaning that it could execute commands and then disappear in an instant.
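As an added example (not from Red Canary's report or the original article), hourly check-ins like those described above can be surfaced from proxy or DNS logs by timing alone, which matters when the destination sits on shared cloud infrastructure. The log format, hostnames and domains are constructed placeholders, and the thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample proxy log: ISO timestamp, source host, destination.
# Hostnames and domains are placeholders, not indicators from any report.
SAMPLE_LOG = """\
2021-02-17T08:00:04 mac-014 updates.example-cdn.test
2021-02-17T08:12:40 mac-014 news.example.test
2021-02-17T08:30:00 mac-031 updates.example-cdn.test
2021-02-17T09:00:09 mac-014 updates.example-cdn.test
2021-02-17T09:30:05 mac-031 updates.example-cdn.test
2021-02-17T09:47:02 mac-014 news.example.test
2021-02-17T10:00:02 mac-014 updates.example-cdn.test
2021-02-17T10:05:31 mac-022 updates.example-cdn.test
2021-02-17T11:00:11 mac-014 updates.example-cdn.test
2021-02-17T11:20:00 mac-014 news.example.test
2021-02-17T11:30:02 mac-031 updates.example-cdn.test
2021-02-17T12:00:06 mac-014 updates.example-cdn.test
2021-02-17T12:30:07 mac-031 updates.example-cdn.test
2021-02-17T14:31:55 mac-022 updates.example-cdn.test
"""

def parse(log_text):
    """Group request timestamps by (host, destination) pair."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, host, dest = parts
        seen[(host, dest)].append(datetime.fromisoformat(ts))
    return seen

def is_periodic(gap, period, tolerance):
    """True if gap is close to a whole multiple of period (a sleeping
    machine skips check-ins, so 2h or 3h gaps still fit the pattern)."""
    k = round(gap / period)
    return k >= 1 and abs(gap - k * period) <= tolerance

def hourly_beacons(log_text, period=3600, tolerance=120, min_events=4):
    """Return sorted (host, dest) pairs that recur on an hourly cadence."""
    flagged = []
    for pair, times in parse(log_text).items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if len(times) >= min_events and all(
                is_periodic(g, period, tolerance) for g in gaps):
            flagged.append(pair)
    return sorted(flagged)
```

Flagged pairs are leads for triage, since legitimate update checkers also poll on fixed schedules.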
Lambert also pointed out a multitude of intelligence gaps that need to be filled regarding this new Mac malware. “In addition, the ultimate goal of this malware is a mystery. We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution.”
After years of Mac users choosing the platform over PCs due to the belief that it would keep them safer in the world of online threats, it seems that hackers have adjusted accordingly and have finally proven that NO PLATFORM is safe from motivated cybercriminals.