It seems like there’s trouble brewing over at Apple. Discovered by security researchers at Red Canary, a virus called Silver Sparrow seems to have infected almost 30,000 Macs. The only saving grace is that there seems to be no real reason why these Macs have been infected by the virus. It looks to be a new strain of macOS malware that affects both Intel and Apple Silicon processors. Red Canary has stated that the malware does pose a ‘reasonably serious threat’ and that it “did not exhibit the behaviours that we’ve come to expect from the usual adware that so often targets macOS systems.”
The security researchers also stated that the malware doesn’t really do anything as of now. But that doesn't mean it couldn’t do damage in the future. In fact, the researchers state that the virus was “positioned to deliver a potentially impactful payload at a moment’s notice”. So, there could have been serious consequences if this threat had not been detected sooner.
We've gotten a ton of requests for access to Silver Sparrow samples. We didn't link to them when we first published our research, but we've added links since. For convenience, you can find the samples here:
Version 1: https://t.co/rl8oGKptEn
Version 2: https://t.co/34nbbiEaEy
— Red Canary (@redcanary) February 22, 2021
As of now, the team still has no idea how the virus spread through so many Macs. Apple has also rescinded the developer certificates that let the virus infect other Macs, and no new Macs will be affected by this particular malware. In fact, Apple has also updated its Platform Security Guide, a document that has only grown over the last decade. Currently, the guide sits at over 200 pages and outlines every security measure that Apple implements across its set of devices and operating systems, including iOS, iPadOS and even watchOS.