There’s a common misconception out there that Macs can’t be hacked or that they’re immune to viruses. A massive malware campaign has just proven otherwise.
Nearly 30,000 Macs Found Hacked With Malware
According to Ars Technica, previously undetected malware has been found on nearly 30,000 Macs across the globe. Known as “Silver Sparrow,” this malware is particularly mysterious.
The malware makes infected Macs check a control server every hour to see if there are any new commands or binaries to execute. So far, researchers have not seen this malware deliver any payload, which means they don’t really know its goal.
That means there’s a chance that its commands could be unleashed once some unknown condition is met.
Even more curious is the fact that the malware is programmed to self-destruct. This type of feature is usually reserved for ‘high-stealth operations.’
What Types of Macs Were Targeted?
What makes this malware even more surprising is that it was programmed to run on Apple’s new M1 chips. That’s impressive when you consider that these chips just hit the market in late 2020.
Security researchers at Red Canary dubbed Silver Sparrow a “reasonably serious threat.”
Apple switched from using Intel computer chips to using their own M1 chips in two of their most popular devices: the 13-inch MacBook Pro, Mac Mini, and the MacBook Air. M1 chips were very impressive by almost every metric compared to the Intel chips. Wired warned that vulnerabilities might have been exposed during the transition.
And we’ve already seen some of that unexpected downside.
Last week, Objective-See researcher Patrick Wardle published findings of the first piece of malware targeting Apple’s new silicon. Now there are already two cases.
Silver Sparrow has been found in over 153 countries, with higher concentrations in the US, Canada, France, UK, and Germany.
Should You Be Worried?
Despite its ‘reasonably serious threat’ status, Silver Sparrow has yet to cause any actual damage or deliver any malicious payloads. An Apple spokesperson told Ars Technica that it had revoked the certificates of the developer accounts used to sign the packages. That should prevent new devices from being infected.
As always, you should do your part in keeping your computer safe.
Create long, varied passwords, especially for sensitive accounts. Be aware of URLs, email addresses, and other general inconsistencies from ‘familiar’ services that may actually be a phishing attempt. Enable two-factor authentication wherever you can.
And if you think you’ve been hacked, reach out to us immediately.
Featured image by Omar Tursic from Shutterstock.com