25 February 2021
Red Canary security researchers have discovered a mysterious and sophisticated strain of macOS malware said to be affecting 30,000 Macs around the world. It is currently being referred to as Silver Sparrow and has a variant specifically optimized for Apple's M1-powered MacBook units launched last year.
The report reveals that the malware on affected units checks in with a control server once every hour. This is the only thing known about what the malware does. The team has yet to discover any kind of payload and, as a result, does not know its ultimate goal. It is speculated that an unknown condition needs to be met before the malware becomes active and starts its actual job.
One of the interesting things about Silver Sparrow is that it features an auto-destruction mechanism. If the hackers behind the malware want to leave nothing that traces back to them, they can simply make it destroy itself. This is not a common feature in malware.
As noted by Red Canary researchers,
"Though we haven't observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment's notice."
As things stand now, the actual motive behind sending Silver Sparrow out to affect thousands of Macs is unknown. We will keep you updated as and when more details surface about the malware and what it is capable of doing.