Apple nips the ‘Silver Sparrow’ malware in the bud

Security researchers from Red Canary last week discovered a new piece of malware—called Silver Sparrow—that has silently infected almost 30,000 Macs. While the distribution vector for the malware remains unclear, Apple has already taken steps to prevent its further spread.

Apple told AppleInsider that the company has revoked the certificates for the developer account used to produce the malware and sign its packages. This means that the malware won’t install on new Macs. Macs that are already affected, however, may remain so.

The Silver Sparrow malware made headlines last week especially due to its strange nature. Even if a Mac is affected, the malware does absolutely nothing, waiting for commands from its operators.

Even the security researchers from Red Canary, Malwarebytes, and VMware Carbon Black who discovered and analyzed the malware don’t have a clue about its intentions.

That isn’t to say that it’s a failed malware strain, according to Red Canary. It could mean that the malware is capable of detecting that it is being monitored for security research and is, for now, avoiding delivering payloads to target systems.

The interesting thing here is that the malware natively works on M1 Macs, confirming the fact that it’s a novel threat.

Red Canary’s Tony Lambert wrote in his report, speaking of the seriousness of the threat:

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice.”

Thankfully, unaffected Mac users won’t have to worry about it now.
