At Least 30,000 Mac Users Infected With New Malware Strain

In late February, security researchers with Red Canary published their findings on a new strain of malware targeting Mac computers. The new malware is named Silver Sparrow, and its purpose is still a bit unclear.

According to reported numbers, Silver Sparrow has infected around 30,000 computers running Apple's macOS. The infections are spread among over 150 countries and the largest numbers of infected systems are located in English-speaking countries, Germany and France.

The main distribution vector of the new malware is still unknown. Researchers suggest the usual suspects: applications downloaded from sources other than the official App Store, or malicious files posing as updates for the now-discontinued and unsupported Flash platform.

Another mystery surrounding Silver Sparrow is what its ultimate purpose is. Infected sandbox systems showed that the only thing the malware does is wait for input and commands from the bad actors that run the infection campaign.

However, those commands never arrived and researchers suspect the malware might have sandbox detection and evasion capabilities that allow it to distinguish regular victims from researcher testbeds.

Researchers also believe that the relatively high number of discovered victims suggests that this is not a small-scale operation or a simple test.

Silver Sparrow is also the second strain of malware discovered so far that is able to infect and work on systems running Apple's new M1 chip architecture. This alone is sufficient proof that the malware is not a one-off shot in the dark and, if anything, it might evolve into something more significant in the future.

It's worth mentioning that the current lack of hard information about Silver Sparrow's behavior, purpose and capabilities means that the malware might already be equipped with a full arsenal of malicious tools that is delivered only onto real victims' Macs, provided the malware's sandbox evasion is good enough.

The Silver Sparrow malware is the latest addition to the relatively small roster of malicious tools hackers use to infect Mac computers, at least compared to the vast ocean of Windows PC malware. However, it should serve as a reminder that you are not magically safe from all forms of digital intrusion simply because you use a Mac.

February 23, 2021