A new strain of malware has affected around 30,000 Macs, but its intentions remain mysterious to security researchers. The malware has been called “Silver Sparrow.”
According to researchers at security firm Red Canary, Silver Sparrow infected 29,139 macOS endpoints in 153 countries. The most affected users are based in the US and Europe, including the United Kingdom, Canada, France, and Germany.
The malware affected both Intel-based Macs and newer Macs based on the M1, Apple’s first in-house computer chip. Silver Sparrow is now the second known malware to infect Apple’s M1 chip.
The intentions behind the malware are not yet known, and it has not yet been used in any nefarious way by its creator(s).
“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” the security researchers said in a statement.
At the time of the discovery, no commands had been issued. It is also unknown how the malware was delivered to so many Macs around the world.
The team also discovered that the malware had built-in self-destruction code to cover its tracks once the mysterious mission is complete.
Apple to the Rescue
Apple took action yesterday by revoking the certificates of the developer accounts used to sign the malware, to prevent it from spreading further. The company also reiterated that Silver Sparrow had not yet been used to deliver any payload.