Apple has reacted to the mysterious hardware affecting its Mac devices running on Apple silicon as 30,000 devices have been affected in more than 150 countries.
Apple reacted by revoking developers’ accounts to sign the packages; minimising any malicious effect on new macOS devices.
Also, Apple said that it had employed many security hardware and software promotions in its products and services, declaring that it will hold regular software updates to prevent threats from happening inside.
Apple spokesman said that; “There is no evidence to suggest the malware they identified has delivered a malicious payload to infected users.”
In early February, a US-based security company, Red Canary, discovered a malware strain in macOS; using LaunchAgent to make its presence known.
Tony Lambert, the spokesman for Red Canary, noted that the malware was not the typical malware as it used Java Script for execution.
It worked around files with “update. pkg” and “updater. pkg,” pretending like an installer.
The researchers named it ‘Silver Sparrow’, as it was not a fully developed ware; it was either a test ware or undeveloped ware.
Another mysterious element about the app is that it was the second type of malware to have targeted Apple’s new M1 ARL Architecture Macs.
Out of the countries in which the malware have been found, the dominating countries include; the US, U.K, Germany, France and Canada.
Despite all claims to be normalised, the software was able to spread across the platform and had added others.
Going further, Apple enabled every macOS infected with the Silver Sparrow malware to communicate with a control server every week to see if there was a new action point.
How can I know my device is infected?
The Apple spokesman said the malware is unusual, as it did not exhibit the response meant from it. However, the spokesman further explained that calls out a command- control format and control.
Also, the malware has a system that can see; it has a place to self destruct and hide its existence entirely.
According to Appleinsider, two versions of the malware were discovered; one consisted of binaries that affected Intel-based Macs only.
While the other was a binary that affected those with combined Itel and M1 chip architecture.
The first version opens a window that says ‘Hello, World!’, while the others open a window saying ‘You did it!’
‘Silver Sparrow is a serious threat’
“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” said Apple spokesperson
Also, Lisa Forte, Red cloth cybersecurity, said;
“The new attack should be a wake-up call to Mac users who assumed they were not at the same risk as Windows users of being infected by malware.”
She added that the hardware wasn’t anything corruptible but what’s alarming was that it spread fast and affected many computers.
Tony Lambert also mentioned some gaps that needed to be filled in regards to the Silver Sparrow.
“In addition, the ultimate goal of this malware is a mystery.
“We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution.
“Based on data shared with us by Malwarebytes, the nearly 30,000 affected hosts have not downloaded what would be the next or final payload.”
Also, Tony admitted that the malware’s ultimate goal was a mystery as there were several questions still surrounding the entrance into the systems.
“We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution,” Red Canary spokesman Tony added.