M1 plagued with silent malware yet again – Digitalmunition

Cyber Attack | Data Breach 2

Published on February 22nd, 2021 📆 | 7125 Views ⚑


M1 plagued with silent malware yet again

The trouble seems to find M1 processors every time, as one more malware has infected more than 30000 MacBooks harboring the processor. The last one was from the Pirrit malware family and this one is similar to the category of the adware that finds solace in infecting Apple Macs. The general notion about Apple products and macOS is that they are devoid of malware and almost impenetrable. It is a false notion but considering the new architecture of M1 processors the security should have been complicated to penetrate. Silver Sparrow is the newest adware to infect the MacBooks although preventive actions have been taken to patch the existing vulnerabilities.

Like the last malware, the Silver Sparrow hid behind a bogus chrome extension that secretly installed on M1 MacBooks and ran a series of JavaScript code in the background. One thing to note is that the malware was found out before it could self-destruct after executing an unknown payload. Silver Sparrow has been traced back to MacBooks present in almost 153 countries, with dense infections rate in the United States, the United Kingdom, Canada, France, and Germany.


A noteworthy thing about the malware is that it snuck in posing as an update package with a PKG or DMG format. Once installed, it runs on the startup of your device and keeps pinging a remote server on an hourly basis for a nonidentified reason. Regardless of what it could do, Apple has revoked the binaries corresponding to the Silver Sparrow installation that will prevent the users from accidentally installing it again. Red Canary has issued detailed steps on how to check if your M1 or Intel Mac is affected by the Silver Sparrow malware as depicted in the image below.


While the steps can guide you to remove the malware, there are a few things you could do to avoid being exploited by malware on a regular basis. The first is to avoid using bogus or uncertified extensions on the Google Chrome browser. They are best left to the Chrome store and please report them as soon as you see them. Malware also tries to run automatically at startup so checking for any startup items that appear sketchy and do not make sense, web search and remove them at once.

M1 processors are fairly new for even software developers, and it is perplexing to witness malware creators come up with compatible code for it just after a few months of the launch. If Silver Sparrow did not do anything like executing a payload, still it was able to get inside the OS undetected. Such security penetrations raise questions about transitioning to the M1 Mac as they are quite vulnerable and a hot target for malware developers. Its compatibility with the M1 Macs and a high infection rate raises the concern about its actual intention of installing on the systems. Since the security firms are also becoming slowly acquainted with the M1 processor, finding malware and developing detection software will take quite longer than you expect.

Tagged with:

Leave a Reply