'Silver Sparrow' Malware infected around 30,000 Apple Macs
By MYBRANDBOOK
Researchers have disclosed a previously undetected piece of malicious software that was found in about 30,000 Macs running Intel x86_64 and the iPhone maker's M1 processors. Calling the malware "Silver Sparrow," cybersecurity firm Red Canary said it identified two different versions of the malware - one compiled only for Intel x86_64 and uploaded to VirusTotal on August 31, 2020 (version 1), and a second variant submitted to the database on January 22 that's compatible with both Intel x86_64 and M1 ARM64 architectures (version 2).
Adding to the mystery, the x86_64 binary, upon execution, simply displays the message "Hello, World!" whereas the M1 binary reads "You did it!," which the researchers suspect is being used as a placeholder.
Red Canary's Tony Lambert said, "The Mach-O compiled binaries don't seem to do all that much and so we've been calling them 'bystander binaries. We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution."
The 29,139 macOS endpoints are located across 153 countries as of February 17, including high volumes of detection in the U.S., the U.K., Canada, France, and Germany, according to data from Malwarebytes.
Despite the difference in the targeted macOS platform, the two samples follow the same modus operandi: using the macOS Installer JavaScript API to execute attack commands by dynamically generating two shell scripts that are written to the target's file system. While "agent.sh" executes immediately at the end of the installation to inform an AWS command-and-control (C2) server of a successful installation, "verx.sh" runs once every hour, contacting the C2 server for additional content to download and execute.
Furthermore, the malware comes with capabilities to completely erase its presence from the compromised host, suggesting the actors associated with the campaign may be motivated by stealth techniques.
Silver Sparrow is the second piece of malware to contain code that runs natively on Apple's new M1 chip. A Safari adware extension called GoSearch22 was identified last week to have been ported to run on the latest generation of Macs powered by the new processors.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : Arundhati Bhattacharya
Arundhati Bhattacharya serves as the Chairperson and CEO of Salesforce...
Icons Of India : Anil Agarwal
Anil Agarwal, the Founder and Chairman of Vedanta Resources Ltd., is r...
Icons Of India : AMIT CHADHA
Amit Chadha serves as the CEO and Managing Director of L&T Technology ...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
C-DOT - Center of Development of Telematics
India’s premier research and development center focused on telecommu...
NSE - National Stock Exchange
NSE is the leading stock exchange in India....
Indian Tech Talent Excelling The Tech World - Dheeraj Pandey, CEO, DevRev
Dheeraj Pandey, Co-founder and CEO at DevRev , has a remarkable journe...
Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi
Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation...
Indian Tech Talent Excelling The Tech World - RAVI KUMAR S, CEO- Cognizant
Ravi Kumar S, appointed as CEO of Cognizant in January 2023, sets the ...