Apple has taken steps to eradicate mysterious malware strain

article thumbnail

Following the discovery of a new and unusual malware that had the potential to attack Macs running on Apple Silicon, Apple has moved to minimize any impact the maliciously-crafted software could have in the future.

On Saturday, malware was revealed by by Red Canary researchers to use an unusual attack vector to install malware onto macOS. The cluster, named by researchers as "Silver Sparrow," was also found to be an early example of malware that had the capability of attacking Apple Silicon Macs.

More unusually, the malware seemed to be an in-development or test malware, rather than a fully-realized threat, as it lacked a malicious payload. However, it did have the capability to add such an item at a later date through repeated hourly updates.

So far, it seems that no malicious payload has been delivered at all, and it appears unlikely one will be on the way anytime soon.

Shortly after the publication of the malware details, Apple took steps to curtail the potential damage that Silver Sparrow could cause down the line.

An Apple spokesperson informed AppleInsider the company had already revoked certificates for developer accounts used by the malware's creator to sign the packages. The action effectively prevents any new Macs from being infected by the malware, reducing any further spread.

As well as certificate-revocation, Apple notes that it also employs many security hardware and software protections in its products and services, as well as deploying regular software updates that can prevent threats from having an impact.

While the Mac App Store is probably one of the safest places to acquire Mac software due to these protections, the spokesperson added software acquired outside the Mac App Store is also safeguarded. Apple's use of the Notary Service and other security mechanisms are employed to detect malware and block it before it has a chance to run, they added.