If a reminder was needed that no platform is safe from infection, a brand new strain of malware has been detected hiding on 30,000 Macs, waiting to be told what to do.
Silver Sparrow is also unusual because it is only the second known malware capable of targeting the new Macs with the M1 ARM architecture, and because it has not done anything yet. Macs located in 153 different countries are known to be infected, although the highest volumes are found in the United States, UK, Canada, France and Germany.
Silver Sparrow is being taken very seriously because it has already managed to quietly infect more than 30,000 Macs worldwide, but also because the malware uses Amazon Web Services and Akamai for its command infrastructure. This means that it could prove very difficult to eliminate.
Every Mac infected with Silver Sparrow communicates with a control server every hour to see if there are new commands to run. So far, none appear to have been issued. The researchers also found that the malware includes the ability to remove itself from a system, which means it could be used to run a command and then disappear quickly.
Lambert points to many intelligence gaps that need to be addressed when it comes to Silver Sparrow. "Moreover, the ultimate goal of this malware is a mystery. We have no way of knowing for sure what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future schedule for distribution. Based on data shared with us by Malwarebytes, the approximately 30,000 affected hosts did not download the next or final payload."
Anyone wishing to check if their Mac is infected with Silver Sparrow can read the "Indicators of Compromise" section of the Red Canary blog post for advice on what to look for.