Alarming macOS Malware Found on Over 30k Machines (Including M1 Macs) – Review Geek

Must read

How to disable and delete Samsung Pay from your Galaxy phone

When it comes to paying conveniently, Samsung Pay makes using your phone as a bank card an easy process; however, there may come...

How to Hack the Hidden Google Chrome Dinosaur Game

Most of us have seen the dreaded “No Internet” error message on Google Chrome. You can actually turn this screen into a fun,...

PS5 restock on Twitter: how to track it at Target, Walmart and Best Buy

Late Thursday update: We didn't see a PS5 restock on Thursday, however, we're tracking new stock that is rumored to launch tomorrow, Friday...
Bhawani Singh
I am a blogger who believes in delivering latest tech news from around the world to my viewers.

A partially-opened MacBook on an ominous black background.

Security researchers at Red Canary have discovered a mysterious new malware on nearly 30,000 Macs, though the actual number of infected computers is probably much higher. It appears that the malware, nicknamed Silver Sparrow, is waiting for the right moment to deliver a malicious payload to its host devices. It’s one of the first viruses to run natively on both Intel and M1 Macs.

Silver Sparrow hasn’t harmed any computers yet, but it checks a control server for new commands every hour. Without access to this control server, we have no way of knowing the goal behind Silver Sparrow. That said, the fact that someone is waiting to “activate” the malware is alarming.

A diagram showing each version of the macOS malware and how it works.
Red Canary

Another alarming factor is Silver Sparrow’s unique, ingenious design. It’s distributed in two unique packages, titled updater.pkg and update.pkg. While macOS malware usually relies on preinstall or postinstall scripts to execute commands, these packages execute commands through the less-transparent JavaScript API. Of all the malware that Red Canary has encountered, it says that Silver Sparrow is the only one to leverage the JavaScript API.

Upon installation, Silver Sparrow looks up the URL that it was downloaded from, probably to help its designers track which infection methods are the most effective. Interestingly, Silver Sparrow relies on AWS S3 and Akamai CDN cloud services for file distribution, which suggests that its designers are experienced with web servers and cloud computing. Cloud distribution is more resilient than single-server distribution methods, and using popular cloud infrastructure like AWS allows the malware designers to “blend in” with regular web traffic.

Red Canary teamed up with MalwareBytes and found the Silver Sparrow virus on nearly 30,000 computers. Of course, this is just the number of infected computers that MalwareBytes has access to, the actual number of infected computers is probably much higher. Scroll to the bottom of Red Canary’s report if you want to hunt for Silver Sparrow on your Mac, or use the MalwareBytes antivirus software to scan your computer for the virus.

Source: Red Canary via Ars Technica

Source link

More articles

Leave a Reply

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

- Advertisement -

Latest article

Nothing: Nothing unveils Teenage Engineering as founding partner

London-based consumer technology company Nothing has announced Teenage Engineering as a founding partner of the company. Teenage Engineering is a Stockholm-based company that...

iRobot’s Roombas Can’t Go Home, They’re Drunk—Update Weeks Away – Review Geek

Grzegorz Czapski/Shutterstock.comA recent update for i7 and s9 Roomba vacuums is causing them to act ‘drunk,’ according to various user complaints. The manufacturer,...

Amazon Luna is coming to Fire TV and you won’t need an invite

Amazon is expanding the beta for its Luna game streaming service. Now anyone with a Fire TV device can try the over-the-web gaming...

India Approves Rs. 7,350-Crore PLI Plan to Boost IT Product Exports

India approved a Rs. 7,350-crore plan to boost local manufacturing and exports of IT products such as laptops, tablets, personal computers, and servers,...

Oppo Reno 5K Price, Specifications Surface Ahead of Expected Thursday Launch

Oppo Reno 5K launch is expected to take place on Thursday, February 25. Meanwhile, key specifications and pricing details of the new Oppo...
- Advertisement -