A malware strain called Silver Sparrow has infected nearly 30,000 Macs running macOS, including computers with Apple's new M1 chip (Apple silicon). The figures were discovered by security researchers at Red Canary, who subsequently worked with others from Malwarebytes and VMware Carbon Black to analyze the problem.
These 29,139 cases are widely distributed: as of February 17, Silver Sparrow had affected computers in 153 countries. According to the research, the most intense malware activity has been located in the United States, United Kingdom, Canada, France and Germany. It is no coincidence that in several of these countries the market share of Apple equipment is higher than average.
The cause of the infection is not clear
Researchers have been monitoring the malware's behavior without actually seeing its ultimate effects during their analysis. In other words, they were able to access infected computers, but the malware only waited to receive external orders in the form of commands, which never arrived while they were handling the incident.
Even so, Red Canary warns that the observed lack of activity does not mean that Silver Sparrow poses no threat, as this could even be a mechanism triggered when it detects investigators' detection tools. The biggest problem right now, beyond not knowing how it may manifest in the future, is that it is also not known how Silver Sparrow is infecting so many computers.
The investigation mentions that the malware could arrive with cracked applications, malicious advertising or fake Flash updaters, which even after Flash's retirement remain one of the most active "contagion" routes on macOS. As always, many of these installations occur after Gatekeeper security is bypassed in 'System Preferences'.
Via | ZDNet