While news of malware infections on Macs is relatively rare, new information about nearly 30,000 Macs infected is a matter of concern due to its complex nature and lack of information available.
Researchers at Red Canary have discovered a new type of macOS malware they dubbed Silver Sparrow. The malware is strange for many reasons, the main one being that it has remained largely inactive until now. Despite the fact that it exchanges data with the command and control servers once an hour, waiting for the execution of potentially malicious binaries, at the moment Silver Sparrow has not harmed infected computers.
In addition to the Intel x86_64 variant, an analog for the Apple M1 was found. Both versions contain “third party observer binaries” which, when run, display “Hello World!” and “You did it!” Displaying such messages on the screen is not a serious problem, but potentially the malware can start performing some work on request from the control servers. Red Sparrow emphasized that complex infrastructure leverages CDNs and AWS networks effectively, making it difficult to track and remove.
Another interesting fact about Silver Sparrow is that it contains self-destruct mechanisms that remove all traces of malware from infected devices. This mechanism was not observed by default on infected computers, which means that it was loaded randomly based on the fulfillment of currently unknown conditions.
Red Canary reported that as of February 17, 2021, 29,139 macOS devices were infected in 153 countries.
.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
