It was only recently that cybersecurity experts identified the first malware- Silver Sparrow, that threatens Apple computers with an M1 chip when news of a new threat emerged. Once again, the malware targets both Intel-based Macs and Macs with the Apple M1 chip. Experts note that they have already been infected over 30,000 computers Apple, and their number is constantly growing. Yes, it might even be on your Mac. The situation is complicated because so far, the “malware” does not manifest itself in any way and has a self-destruction mechanism, so it is impossible to determine exactly what software has ever visited your computer.
New malware is difficult to detect because it does nothing.
What is Silver Sparrow?
Specialists from Red Canary (who detected the malware) named the new threat Silver sparrow. Moreover, they managed to find two versions of the malware: one was compiled for Intel x86 and x64, and the second for the M1 chip with ARM architecture.
According to experts, this is precisely the worst thing. Apparently, the software is under active development, and hackers can use Silver Sparrow for their own purposes at any time. From stealing user information to using the computing power of computers for their own purposes.
Apple quickly responded to the new threat and revoked all developer certificates under which the malware was distributed. Mac users will not be able to install it on their computers if they use the default security settings. We are talking about installing applications only from the Mac App Store or from developers with valid certificates.
How to check your Mac for Silver Sparrow Malware?
Silver Sparrow threatens tens of thousands of Macs.
Surely after reading, you started to worry that you could get infected. It is important to note that your own computer cannot get infected – only if you yourself downloaded some software (for example, from a torrent or a dubious site) and installed it. Therefore, to begin with, remember what you have been doing with your computer lately. Have you been prompted to download a software package or update it on a website? Did you download something from the pop-ups in your browser when you didn’t originally plan to do so? Was the uploaded file named, for example, “update.pkg” or “updater.pkg“?
If so, then there is reason to suspect that Silver Sparrow infects your Mac. So far, there is no real way to determine if the specified malware is present on your system, as it does nothing at the moment, and it is unclear if it will do anything at all. But you can look for files that malware dumps into your system. Red Canary marks four files that may indicate that your system is infected:
- ~ / Library /._ ins (an empty file used to make the malware delete itself);
- /tmp/agent.sh (script for reinstallation);
Try looking for these files on your Mac, and if you find them, remove them immediately.
You can also try downloading the free version Malwarebytes apps for Mac. Since the antivirus creators helped Red Canary detect the new threat, the chances are high that using this popular scanner and malware removal tool will help remove the “malware.”
Apple is also expected to release a Mac software update soon, protecting computers from Silver Sparrow. But no one guarantees that other certificates will not be used to distribute malware or a new threat for M1 will not be released. The main rule to follow to protect yourself is not to install applications from questionable sources.