![[-]](https://www.aiowares.com/images/collapse.png "[-]")
04-10-2021, 01:58 AM
Security researchers uncovered malware affecting tens of thousands of macOS devices, but it's unclear what exactly the malware does. Earlier this month, Red Canary detection engineers Wes Hurd and Jason Killam came across a strain of macOS malware using a LaunchAgent to establish persistence. Nothing new there. However, their investigation almost immediately revealed that this malware, whatever it was, did not exhibit the behaviors that we’ve come to expect from the usual adware that so often targets macOS systems. The novelty of this downloader arises primarily from the way it uses JavaScript for execution—something we hadn’t previously encountered in other macOS malware—and the emergence of a related binary compiled for Apple’s new M1 ARM64 architecture, affecting both Intel and Apple Silicon processors, this malware, nicknamed "Silver Sparrow," still poses a threat.
According to data provided by Malwarebytes, Silver Sparrow had infected 29,139 macOS endpoints across 153 countries as of February 17, including high volumes of detection in the United States, the United Kingdom, Canada, France, and Germany.
Although Silver Sparrow has not been observed delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice.
Hmm, the every time I talk to a mac/apple person, they always say that they don't catch viruses as a reason for not using Windows OS. I guess they better get inoculated.
“For every reason it’s not possible, there are hundreds of people who have faced the same circumstances and succeeded.”
Code:
https://redcanary.com/authors/jason-killam/
https://attack.mitre.org/techniques/T1543/001/
https://www.apple.com/mac/m1/According to data provided by Malwarebytes, Silver Sparrow had infected 29,139 macOS endpoints across 153 countries as of February 17, including high volumes of detection in the United States, the United Kingdom, Canada, France, and Germany.
Although Silver Sparrow has not been observed delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice.
Hmm, the every time I talk to a mac/apple person, they always say that they don't catch viruses as a reason for not using Windows OS. I guess they better get inoculated.
“For every reason it’s not possible, there are hundreds of people who have faced the same circumstances and succeeded.”
