Apple Suffers Malware Scare

John Lister's picture

Apple says it has dealt with the risk from a newly-discovered piece of malware affecting macOS. It's a reminder that macOS isn't completely immune from malware - which may have been the point of the attack.

Security company Red Canary discovered the malware and dubbed it Silver Sparrow. It says data from Malwarebytes showed it was present on 29,139 computers. (Source: redcanary.com)

It appeared to target computers which have the M1 chip. That's an Apple produced processor designed specifically for Macs. It's combines multiple functions on a single chip, the idea being to increase efficiency and make the computer carry out key operations much more quickly.

Apple was able to stop the spread of Silver Sparrow because it uses digitally signed security certificates for software developers (similar to how HTTPS works) to authenticate and prove software has not been modified and is therefore not malicious. It was able to revoke the digital certificates for the account used to deliver the malware, meaning in theory the installation would fail and not install on any new machines.

Malware 'Phones Home' Hourly

Most common malware on Macs is designed to deliver unwanted ads, often to scam money from advertisers who don't realize their ads are being shown in an underhanded way that's unlikely to bring great results.

However, researchers say Silver Sparrow had the potential to be more serious. It's designed to hide itself and even self-destruct if necessary. It also checks a "command-and-control" server hourly to see if the creators have issued any new instructions. That could allow it to deliver more dangerous malware to the already-infected machine.

One possibility is that the creators simply weren't quick enough to exploit this potential before Silver Sparrow was discovered. Another theory is that the creators were simply demonstrating their ability to breach Mac security. (Source: bbc.co.uk)

Age Old Debate

How secure Macs are compared to Windows PCs is an oft-debated topic in the tech world. One argument is that the way the operating system and software works is inherently more secure (and less buggy) than Windows.

The counter-argument is that attackers simply put more of their energy into Windows PC because the potential pool of machines to infect and exploit is much greater. In reality, it's probably a combination of the two.

What's Your Opinion?

Do you use a Mac? Do you feel Macs are fundamentally more secure than Windows PCs? Does that lead Mac users to be more relaxed about following good security practices?

Rate this article: 
Average: 5 (10 votes)

Comments

ifopackets_10683's picture

As Apple sold more stuff, SEEMS LIKE the hackers became more interested.

soc3w_14613's picture

Unable to compare Macs to Windows PCs. However, as I'm on an M1 Mac, concerned re. its security after Silver Sparrow, esp. as Comcast just quit offering Norton & I'm getting phishing emails trying to scam me into "renewing"it.

Do you offer support to Mac users as those on Windows PCs? Is Comcast's security minus Norton sufficient, or should I add AVAST or other free software?

Thanks!