A new and suspicious malware is detected from Intel and M1 macOS and is now on 30,000 laptops from the Cupertino-based tech giant.

According to Mashable, the malware, named "Silver Sparrow," was discovered by Red Canary, a security operations firm in Denver, Colorado.

The operations firm stated on their blog that they were keeping a close eye on the malware for over a week and stated that the "Silver Sparrow" activity is still a mystery.

'Silver Sparrow' has two types

Meanwhile, Red Canary researchers also discovered that "Silver Sparrow" has two different types; one was built entirely for Intel-powered Macs, while the other is compiled specifically for Apple's new M1 chipset.

This is also the second piece of malware designed to run on Apple's in-house chipset for Macbooks. The first malware was found in February by security researcher and Objective-See founder Patrick Wardle.

Read Also: Mac M1 UltraWide Monitor Issues Concern Users, Apple May Fix Lapses in Future MacOs Updates

How did the malware infiltrated PCs?

ITWire reports that Red Canary detection engineers Wes Hurd and Jason Kilam said that "Silver Sparrow" is a serious threat due to its forward-looking M1 compatibility, global reach, relatively high-infection rate, and operational maturity.

The engineers stated that they are not sure of the initial distribution method for PKG files but suspects that the suspicious search engine results from direct victims to download the PKGs based on network connections from the victim's browser.

However, the Red Canary engineers are not certain due to limited visibility on what cause the download.

Hurd and Kilam continued that they are unable to identify the file ~/Library/._insu but suspect that this file is a part of a toolset the adversary wishes to avoid. They also speculate if a part of the malware's life cycle is to remove components after an objective has been met.

The engineers also said that they have no way of identifying what payload would be distributed by the malware, stating that payload may have already been delivered and removed or if the adversary has a future timeline for distribution.

"Given all of this, 'Silver Sparrow' is uniquely positioned to deliver a potentially impactful payload at a moment's notice," said the engineers.

Both the Red Canary engineers, Hurd and Kilam, stated that they wanted to share the information with a broader infosec industry sooner rather than later.

Malware invades computers in 153 countries

Meanwhile, Ars Technica reports that "Silver Sparrow" comes with a mechanism to remove itself completely, a capability reserved for high-stealth operations. It is stated that there are no signs of a self-destruct feature that has been used. Thus, raising the question of why the mechanism exists.

It has been less than a year since Apple introduced the M1-powered Mac lineup to the market that includes the MacBook Air, MacBook Pro, and MacBook Mini with its own silicon that better features, battery, and faster performance.

"Silver Sparrow" has now been detected in 153 countries such as the United States, Canada, United Kingdom, Germany, and France. However, the Denver-based security operations solutions company can assess the macOS malware any time soon.

Related Article: 'Silver Sparrow' Malware Found Hidden in 30K M1 Mac Units -Is it Dangerous?

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion