Macs Infected with Silver Sparrow Malware

Researchers found malware targeting Mac devices which has silently infected thousands of Macs. The malware has been named Silver Sparrow. The malware is being tracked by researchers at Red Canary, Malwarebytes and VMWare Carbon Black.

The malware has infected Macs in 153 countries including the US, UK, Canada, France and Germany.

However, researchers don’t really understand how the malware gets into systems. Also, it is not clear what the purpose of the malware is.

Once it infects a system, it silently waits for instructions from its command server.

Silver Sparrow is now the second malware strain that can infect macOS installs running on Apple’s latest M1 chip. The fact that runs on the new chip with its added security features indicates the hackers have long term plans.

According to Red Canary:

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,”

At this point there is no patch; what users need to do is be more alert. One possible attack vector is infected ads. If this is how it is being distributed then it is a “zero click” attack. Stay tuned. Credit: ZDNet

In addition, malicious advertising is abusing a WebKit zero-day bug to redirect iOS and macOS users to shady sites. The attacks were first spotted in 2020, so they have been attacking macs for five years.

The attackers were buying large quantities of ad slots even before that – dating back to 2018.

Over the last 90 days researchers say it has delivered malicious ads over 50 million times.

Even Apple has long lead times in fixing bugs. The researchers reported the bug to Apple last June and a patch for WebKit was shipped last December, but the fix didn’t make it into Safari until this month. Credit: ZDNet

by