New “Silver Sparrow” malware targets both Intel and M1 Macs




UPDATE: February 21, 2021, 11:27 p.m. EST This story has been updated with a response from Apple regarding the malware.

New malware has been detected on nearly 30,000 Macs (so far), and without any evidence of a harmful payload, it seems security types can’t quite pinpoint the malware’s motivations.

Researchers at Red Canary, a security operations company where the malware was first discovered, dubbed it “Silver Sparrow” (h/t Ars Technica). At present, it has been detected in 153 countries, with a higher number of cases in the United States, Canada, United Kingdom, Germany and France.

In a blog post, Red Canary explained that it has been keeping tabs on the malware for over a week (as of February 18) and “neither we nor our research partners observed a final payload, leaving the ultimate goal of Silver Sparrow’s activity a mystery.”

While much remains unclear about Silver Sparrow, the security company was able to provide a few details:

“We have found that many macOS threats are distributed through malicious ads like single, independent installers in PKG or DMG form, masquerading as a legitimate application (like Adobe Flash Player) or as updates. In this case, however, the adversary distributed the malware in two separate packages: updater.pkg and update.pkg. Both versions use the same techniques to run, differing only in the compilation of the viewer binary.”

There is also another thing the researchers were able to discover: There are two different types of this malware. One was designed primarily for Intel-equipped Macs, while the other is specifically designed for Apple’s new M1 chipset.

Apple confirmed to Mashable that after discovering the malware, it has since revoked the certificates for the developer accounts used to sign the packages. Thus, new Macs cannot be infected.

It should also be noted that Silver Sparrow is in fact the second piece of malware designed to run on Apple’s in-house chip. According to 9to5Mac, another piece of malware was discovered in mid-February by security researcher and Objective-See founder Patrick Wardle.

But the company maintains its commitment to protecting Macs. Apple says that for any software downloaded outside the Mac App Store, it uses technical mechanisms (including its notary service) to detect malware and then block it so that it cannot run.

It’s been less than a year since Apple introduced its line of Macs with M1 chips, which includes the MacBook Air, MacBook Pro, and Mac Mini. With their own silicon, the new machines offer better battery life, faster performance, and the ability to run iPhone and iPad apps.

Having reviewed both MacBook M1s myself, I can attest to the huge improvements over previous Intel models from Apple. But there are still some concerns about different types of malware detected within three months of the new line’s release.


