[Originally published on Feb. 22]: As we reported last week, independent security researcher Patrick Wardle discovered the first malware to target the M1 chipset. Now, there’s another one. It’s been dubbed “Silver Sparrow,” and this one is dangerous.
Silver Sparrow is swooping in on M1 MacBooks
Silver Sparrow, malware created to be compatible with M1-equipped laptops, was discovered by cybersecurity firm Red Canary. Researchers are baffled and dumbfounded by the new malware strain, which infected 29,139 macOS devices across 153 countries as of Feb. 17, according to Malwarebytes data. Investigators found the highest volumes of Silver Sparrow in the U.S., the U.K., Canada, France and Germany.

So why are researchers mystified by Silver Sparrow? Well, they’re uncertain of its motive and intent. “After observing the malware for over a week, neither we nor our research partners observed a final payload, leaving the ultimate goal of Silver Sparrow activity a mystery,” Tony Lambert, Red Canary’s intelligence analyst, said.

So far, what researchers do know is that Silver Sparrow is set to check a remote control server once an hour to download a payload (a command the malware runs to execute its infection scheme). Because no payloads have been delivered, experts are befuddled by Silver Sparrow’s goal. Researchers suspect that Silver Sparrow is waiting for specific conditions to be met before it “wakes up” and wreaks havoc inside MacBooks around the world.

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” Lambert said.

Interestingly, Silver Sparrow has a self-destruct capability, which means the malware can remove itself from a laptop if it’s directed to do so. Silver Sparrow sounds like a sleeping beast, and the hacker may be waiting for the right moment to strike. Unfortunately, Red Canary’s researchers have not yet offered guidance on how to remove the malicious software.