A strange new malware called Silver Sparrow has been detected on almost 30,000 Mac computers in 153 countries around the world.
Malware isn't as common on Mac computers as it is on machines running Windows, and what is especially interesting here is how Silver Sparrow has been found to infect both Intel-powered Macs and those using Apple's all-new M1 chip.
A total of 29,139 computers running macOS have been infected, with the majority in the US and UK as well as Canada, France and Germany. However, while the malware has spread widely, its goal isn't clear. Cybersecurity researchers don't yet know what the malware is hoping to achieve.
It also isn't known how the malware was spread or how the computers were infected in the first place. Mac malware is commonly hidden inside pirated applications, malicious web ads and fake Flash updates.
The malware was discovered (and named) by security researchers from Malwarebytes and Red Canary. It is said to carry a payload that hasn't yet been discovered, and there is an integrated self-destruct mechanism that could remove all traces of the malware.
Red Canary goes into more detail in a blog post, saying: "The ultimate goal of this malware is a mystery. We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution...the nearly 30,000 affected hosts have not downloaded what would be the next or final payload."
Despite the missing payload, Silver Sparrow's forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat. — Red Canary (@redcanary) February 19, 2021
Red Canary says Apple has revoked the binaries in a bid to prevent any macOS machines becoming newly infected.
The researchers also explain how, while the malware doesn't appear to have caused any damage just yet, it can be described as a "reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment's notice."
Once installed on an infected machine, the malware doesn't do anything. Instead, it sits and waits for a command on what to do next. No such commands arrived during the time researchers studied the malware.
Although Apple's own M1 chips have only been around for a few months, Silver Sparrow is the second known piece of malware targeting the new silicon. The first was reported just a week earlier by Objective-See security researcher Patrick Wardle.
As ever, readers are advised to remain vigilant while going online and to not click on or download anything they think looks suspicious. Mac users should also remember that, while Apple computers are generally a smaller target than Windows machines, they are still at risk – as these two recent examples of Mac malware demonstrate.