Security researchers have discovered a new strain of macOS malware dubbed “Silver Sparrow” that has secretly infected nearly 30,000 Apple Mac devices.
Researchers from Red Canary, with contributions from Malwarebytes and VMware Carbon Black, spotted and analyzed the previously undetected operation in a report released last week.
As of February 17, Silver Sparrow has infected devices in 153 countries, including those in the United States, the United Kingdom, Canada, France and Germany.
“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” Lambert wrote in a recent blog post.
The report includes technical details on two Silver Sparrow malware samples.
The first sample contains a Mach-O binary compiled for the Intel x86_64 architecture only. The second sample also contains a Mach-O binary, but one compiled to target both the Intel x86_64 and M1 ARM64 architectures. The experts say the latter is significant because researchers have discovered very few threats against the young M1 ARM64 architecture.
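The difference between the two samples is visible in the file header, which is how a triage script can tell an Intel-only Mach-O from a universal one carrying an ARM64 slice. The following is an added example, not code from the Red Canary report: the magic numbers and CPU type values are the standard ones from Apple's Mach-O headers, and the sample bytes are constructed here rather than taken from the real samples.

```python
import struct

FAT_MAGIC = 0xCAFEBABE     # universal header, always big-endian on disk
MH_MAGIC_64 = 0xFEEDFACF   # thin 64-bit Mach-O, little-endian for these CPUs
CPU_NAMES = {0x01000007: "x86_64", 0x0100000C: "arm64"}  # <mach/machine.h>

def _thin_arch(data, off=0):
    """Architecture named in the mach_header_64 at off."""
    if len(data) < off + 8:
        raise ValueError("truncated Mach-O header")
    magic, cputype = struct.unpack_from("<II", data, off)
    if magic != MH_MAGIC_64:
        raise ValueError("not a 64-bit Mach-O header")
    return CPU_NAMES.get(cputype, hex(cputype))

def macho_architectures(data):
    """List the architectures in a thin or universal Mach-O image."""
    if len(data) < 8:
        raise ValueError("too short")
    magic, nfat = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        return [_thin_arch(data)]
    if len(data) < 8 + 20 * nfat:
        raise ValueError("truncated fat_arch table")
    archs = []
    for i in range(nfat):
        # fat_arch: cputype, cpusubtype, offset, size, align (big-endian)
        cputype, _, offset, size, _ = struct.unpack_from(">5I", data, 8 + 20 * i)
        if offset + size > len(data):
            raise ValueError("slice outside file")
        # Check the slice's own header, not just the table entry
        # (Java .class files also begin with 0xCAFEBABE).
        name = _thin_arch(data, offset)
        if name != CPU_NAMES.get(cputype, hex(cputype)):
            raise ValueError("fat_arch entry disagrees with slice header")
        archs.append(name)
    return archs

# Constructed sample headers (not bytes from the real samples)
def _thin(cputype):
    return struct.pack("<II", MH_MAGIC_64, cputype) + b"\0" * 24

SAMPLE_THIN = _thin(0x01000007)
SAMPLE_FAT = (struct.pack(">II", FAT_MAGIC, 2)
              + struct.pack(">5I", 0x01000007, 3, 64, 32, 0)
              + struct.pack(">5I", 0x0100000C, 0, 96, 32, 0)
              + b"\0" * 16 + _thin(0x01000007) + _thin(0x0100000C))

if __name__ == "__main__":
    print(macho_architectures(SAMPLE_THIN))
    print(macho_architectures(SAMPLE_FAT))
```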