A recently discovered macOS malware has caught the attention of the security community due to its highly sophisticated nature and the mystery surrounding its missing payload. Dubbed "Silver Sparrow", the malware was discovered a few days ago and is known to have infected 30,000 Intel and M1 Mac devices spread across 153 countries. Now, it appears that Apple is taking steps to mitigate potential threats posed by Silver Sparrow.
Apple has reached out to Apple Insider to confirm that it has revoked the certificates of the developer accounts that were used to sign the malicious package. While this restricts the spread of this particular Silver Sparrow variant, it still leaves the door open for similar packages signed with a different certificate.
Furthermore, Apple has noted that it has many security measures in place at both hardware and software level. Furthermore, the company also releases software updates regularly which contain patches against potential threats such as Silver Sparrow.
That said, Apple as well as the cybersecurity community will likely be keeping an eye on this particular strain and its potential offshoots, given that it is seemingly in development by an advanced malicious actor. On infected machines, Silver Sparrow communicates with control servers once every 24 hours, awaiting binaries to receive and execute. It also has ephemeral self-destruct mechanisms in place that remove any trace of your machine being infected, even if your machine has already been attacked.
Source: Apple Insider
10 Comments - Add comment