
Apple M1 malware “Silver Sparrow” appears; 30,000 Mac computers worldwide infected

Only a few months after Apple launched its first M1-chip Mac computers, and before software compatibility has fully caught up, the computer security research organization Red Canary discovered that 30,000 M1 series Mac computers worldwide have been infected by a malicious program named “Silver Sparrow”. Researchers are still analyzing the malware's intent and details.


According to Red Canary researchers Wes Hurd and Jason Killam, who disclosed the latest M1 malware “Silver Sparrow”, it comes in two versions, which were found on Intel x86 processors and Apple M1 chips. Once a Mac computer is infected, the malware automatically contacts its control server every hour to check whether a new command has been received. So far, information security researchers have not found any commands.


Red Canary believes that “Silver Sparrow” has spread across the world. Although “Silver Sparrow” has not been found to carry out malicious attacks, the M1 chip infection rate is extremely high, which poses a serious security threat to macOS.

Malwarebytes, a free anti-malware tool, also provided Red Canary with relevant data. As of February 17, “Silver Sparrow” had infected nearly 30,000 Mac computers in 153 countries and regions around the world; the United States, the United Kingdom, Canada, France and Germany are the hardest-hit areas.

“Silver Sparrow” disguises itself as a legitimate application or update (.PKG), and it is regarded as the first macOS malware to use the novel technique of executing commands through the macOS Installer JavaScript API. On an infected machine it only pops up a “Hello World!” window; on an M1 computer, a red window with “You did it!” is displayed. Red Canary believes it is distributed through search engines, leading users to download the malicious PKG files.
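A defensive triage sketch for the technique described above, added here as an example and not taken from Red Canary or the original article: it parses a package's Distribution file and lists Installer JavaScript calls that launch external commands. The sample Distribution XML is constructed, and treating `system.run` and `system.runOnce` as the calls of interest is an assumption of this example.

```python
import re
import xml.etree.ElementTree as ET

# Installer JavaScript calls that launch external processes at install time
# (assumption of this example: these two calls are the ones worth flagging).
EXEC_CALL = re.compile(r"\bsystem\.(runOnce|run)\s*\(([^)]*)\)")

# Constructed sample Distribution file (benign; not from any real package).
SAMPLE_DISTRIBUTION = """<installer-gui-script minSpecVersion="1">
    <title>Example Updater</title>
    <installation-check script="installation_check()"/>
    <script><![CDATA[
function installation_check() {
    var tool = "/bin/echo";
    system.run('/bin/bash', '-c', tool + ' hello');
    system.log("check finished");
    return true;
}
    ]]></script>
    <choices-outline/>
</installer-gui-script>"""


def find_exec_calls(distribution_xml):
    """Return (api_call, raw_arguments) for each process launch in <script> blocks."""
    root = ET.fromstring(distribution_xml)
    findings = []
    for script in root.iter("script"):
        for match in EXEC_CALL.finditer(script.text or ""):
            findings.append(("system." + match.group(1), match.group(2).strip()))
    return findings


def triage(distribution_xml):
    """Return ('review', calls) when install-time JavaScript runs commands."""
    try:
        calls = find_exec_calls(distribution_xml)
    except ET.ParseError:
        # A Distribution file that does not parse deserves a manual look too.
        return "unparseable", []
    return ("review" if calls else "no-exec-calls"), calls


if __name__ == "__main__":
    verdict, calls = triage(SAMPLE_DISTRIBUTION)
    print(verdict)
    for api, args in calls:
        print(f"  {api}({args})")
```

On macOS, `pkgutil --expand` unpacks a .PKG so that its Distribution file can be read and passed to `triage`. Legitimate installers also use these calls, so a `review` verdict is a prompt to read the script, not a detection.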


However, Apple has received this report and has revoked the developer certificates of the “Silver Sparrow” binaries, which prevents users from accidentally installing the malicious program and minimizes the infection of Mac computers.

The launch of the M1 chip has attracted worldwide attention, which makes it an easy target for hackers. In fact, “Silver Sparrow” is not the first such malicious program. Before this, Mac security researcher Patrick Wardle discovered the first malicious program on the M1 chip, “GoSearch22”, which hijacks browser search results, injects advertisements and steals user data. This malicious program was tied directly to free online download sites. It is currently difficult for antivirus tools to detect ARM64 binaries.

Wardle is also curious about whether any other undiscovered binary files have been infected. He used the VirusTotal database to search for relevant parameters and found more than 200 results, most of which were iOS jailbreak plug-ins running on old and new iPhone and iPad chips. It also shows that many jailbreak users like to install pirated plug-ins, which exposes them to great security risks.

Just as Apple launched its self-developed M1 chip, it also came to face the threat of M1 Mac malware. The myth that Macs do not require anti-virus software and cannot be infected has long been shattered. From now on, Mac users must pay special attention to whether the installation packages they download from the Internet, and the sources of those packages, are safe.

Reference sources: Red Canary, Wired, MacRumors, Ars Technica, Malwarebytes
