First Malware Running Natively on M1 Chip Discovered

by

Malware specifically tailored to run on Apple's M1 chip has been discovered, indicating that malware authors have begun adapting malicious software for Apple's new generation of Macs with Apple silicon.

macbook air m1 unboxing feature
Mac security researcher Patrick Wardle has now published a report, cited by Wired, that explains in detail how malware has started to be adapted and recompiled to run natively on the ‌M1‌ chip.

Wardle discovered the first known native ‌M1‌ malware in the form of a Safari adware extension, originally written to run on Intel x86 chips. The malicious extension, called "GoSearch22," is a well-known member of the "Pirrit" Mac adware family and was first spotted at the end of December. Pirrit is one of the oldest and most active Mac adware families, and has been known to constantly change in an attempt to evade detection, so it is unsurprising that it has already begun adapting for the ‌M1‌.

The GoSearch22 adware presents itself as a legitimate Safari browser extension, but collects user data and serves a large number of ads such as banners and popups, including some that link to malicious websites to proliferate more malware. Wardle says the adware was signed with an Apple Developer ID in November to further conceal its malicious content, but it has since been revoked.

Wardle notes that since malware for the ‌M1‌ is still at an early stage, antivirus scanners are not detecting it as easily as x86 versions and defensive tools like antivirus engines are struggling to process the amended files. The signatures used to detect threats from malware on the ‌M1‌ chip have not yet been substantially observed, so the security tools to detect and deal with it are not yet available.

Researchers from security company Red Canary told Wired that other types of native ‌M1‌ malware, distinct from Wardle's findings, have also been found and are being investigated.

Only the MacBook Pro, MacBook Air, and Mac mini have Apple silicon chips at this time, but the technology is expected to expand across the Mac lineup over the next two years. Given that all new Mac computers are expected to feature Apple silicon chips like the ‌M1‌ in the near future, it was somewhat inevitable that malware developers would eventually start to target Apple's new machines.

While the M1-native malware that researchers have found does not seem to be unusual or particularly dangerous, the emergence of these new varieties acts as a warning that there is likely more to come.

See Wardle's full report for more information about the first M1-native malware.

Tags: Apple Silicon Guide, M1 Guide

Top Rated Comments

casperes1996 Avatar
casperes1996
19 months ago
Good to see more software natively supported
Score: 73 Votes (Like | Disagree)
ck2875 Avatar
ck2875
19 months ago

malware authors have begun adapting malicious software for Apple's new generation of Macs with Apple silicon.
They probably needed to get their malware out the door so they could get the $500 voucher for returning the Dev. Kit. to Apple.
Score: 32 Votes (Like | Disagree)
jasoncarle Avatar
jasoncarle
19 months ago
Wouldn't just not adding rando browser extensions to Safari protect you from this?
Score: 25 Votes (Like | Disagree)
Dark_Omen Avatar
Dark_Omen
19 months ago
I wish I was a loser that had no life to the point where I create malware to infect other people's machines.

Oh wait, no I don't.
Score: 12 Votes (Like | Disagree)
baryon Avatar
baryon
19 months ago
But Safari extensions were long deprecated ever since Catalina, and now you can only install them from the App Store, for this very reason, to prevent malware. How is this even still possible?
Score: 11 Votes (Like | Disagree)
farewelwilliams Avatar
farewelwilliams
19 months ago
Dunno, I thought Chrome was the first malware for eating all the CPU cycles and memory.
Score: 7 Votes (Like | Disagree)
Read All Comments

Related Stories

m3 feature black

Macs With 'M3' Chips Expected to Use TSMC's 3nm Chip Technology With Test Production Reportedly Underway

Thursday December 2, 2021 7:36 am PST by
Apple's chipmaking partner TSMC has kicked off pilot production of chips built on its 3nm process, known as N3, according to Taiwanese supply chain publication DigiTimes. The report, citing unnamed industry sources, claims that TSMC will move the process to volume production by the fourth quarter of 2022 and start shipping 3nm chips to customers like Apple and Intel in the first quarter of...
Read Full Article205 comments
aapl logo banner

Which New Mac Will Apple Release at Its March Event?

Sunday February 20, 2022 2:00 am PST by
Apple is widely expected to unveil a new Mac next month, but with the high-end Mac mini, the 27-inch iMac, and the Mac Pro all still featuring Intel chips and Apple's M1 machines from 2020 now reaching almost 15 months in age, it is not immediately clear which new model the company is planning to announce next. Bloomberg's Mark Gurman, who often reveals accurate insights into Apple's plans, r...
Read Full Article249 comments
f1646764298

Apple Announces 'M1 Ultra' Chip With 20-Core CPU, Up to 64-Core GPU, and Support for 128GB of Memory

Tuesday March 8, 2022 10:28 am PST by
Apple today announced the M1 Ultra chip, the third iteration to the M1 family, and it represents the next "breakthrough" for Apple Silicon. M1 Ultra consists of two M1 Max chips connected with die-to-die technology called "UltraFusion." The new highest-end chip of Apple Silicon features 114 billion transistors, with higher support for bandwidth memory at 800GB/s. "M1 Ultra is another...
Read Full Article117 comments
13 inch macbook pro m2 mock feature 2

New M2-Powered MacBooks Could Be Conspicuously Absent At Today's Apple Event

Tuesday March 8, 2022 6:58 am PST by
Last-minute rumors leading up to Apple's "Peek Performance" event have cast doubt on long-running expectations that Apple will reveal a new or updated MacBook model with an M2 chip on Tuesday. Last month, Bloomberg's Mark Gurman reported that Apple was preparing to launch at least one new Mac at its March 8 event, and at the time Gurman speculated that it would likely be a high-end Mac mini...
Read Full Article124 comments
ternus m1 chip

Today Marks the One Year Anniversary of the First Apple Silicon Macs

Wednesday November 10, 2021 6:25 am PST by
While it may feel rather hard to believe, today marks one year since the first Macs with Apple silicon were unveiled to the world. At a virtual event on November 10, 2020, Apple introduced its custom-designed M1 chip, followed by three new Macs powered by the chip, including the MacBook Air, the lower-end 13-inch MacBook Pro, and the lower-end Mac mini. With the M1 chip, Apple delivered...
Read Full Article124 comments
OneDrive

Microsoft OneDrive Gains Native Support for Apple Silicon Macs

Monday February 28, 2022 5:21 pm PST by
Microsoft has been testing a pre-release Apple silicon version of OneDrive since last year, and now the native version of the app is available for all OneDrive users. "We're excited to announce that OneDrive sync for macOS will now run natively on Apple silicon. This means that OneDrive will take full advantage of the performance improvements of Apple silicon," Microsoft said in an...
Read Full Article209 comments
ipad air 5 colors

Benchmark Results Confirm Apple Hasn't Downclocked M1 Chip in New iPad Air

Monday March 14, 2022 7:49 am PDT by
Benchmark results for the new iPad Air reveal that Apple has not downclocked the M1 chip to artificially limit the device's performance. The M1 chip in the fifth-generation iPad Air has the same 3.2GHz operating frequency as it does in the iPad Pro, according to Geekbench 5 results. As such, the M1 iPad Air has virtually identical performance as the M1 iPad Pro. Specifically, the M1 iPad...
Read Full Article96 comments
13 inch macbook pro m2 mock feature 2

First M2 Macs Expected to Launch Later This Year Using TSMC's 4nm Chip Process

Thursday March 10, 2022 7:30 am PST by
Apple plans to launch a series of Macs with M2 chips based on TSMC's 4nm process later this year, according to Taiwanese publication DigiTimes. This advancement should allow for continued performance and power efficiency improvements. "TSMC's 4nm process will also build Apple's M2 chip that will power the new Mac series slated for launch in the second half of this year," the report claims. ...
Read Full Article160 comments

Popular Stories

iPhone 14 Pro Purple Rear Flat MacRumors Exclusive

iPhone 14 Pro Predicted to Start With Increased 256GB Storage Alongside Rumored Price Increase

Wednesday August 10, 2022 11:14 am PDT by
Earlier today, analyst Ming-Chi Kuo claimed iPhone 14 Pro models will be more expensive than iPhone 13 Pro models. Kuo did not reveal exact pricing, but he said that the average selling price of all four iPhone 14 models will increase by about 15% overall. While higher prices would be disappointing for customers, it is possible the iPhone 14 Pro and iPhone 14 Pro Max will offer increased...
Read Full Article124 comments
iPhone 14 Pro Lineup Feature Silver

Kuo: Apple to Increase Prices of iPhone 14 Pro Models

Wednesday August 10, 2022 8:22 am PDT by
Apple plans to increase the prices of iPhone 14 Pro models compared to iPhone 13 Pro models, according to analyst Ming-Chi Kuo. Kuo did not reveal exact pricing for the iPhone 14 Pro models. However, in a tweet today, he estimated that the average selling price of the iPhone 14 lineup as a whole will increase by about 15% compared to the iPhone 13 lineup. In the United States, the iPhone...
Read Full Article247 comments
iPhone 14 Pro Purple Front and Back MacRumors Exclusive feature

iPhone 14 Is Just a Few Weeks Away: Three Tips to Prepare for the New iPhone

Wednesday August 10, 2022 4:08 am PDT by
The launch of the new iPhone 14 is just a few weeks away, meaning millions of iPhone customers will soon upgrade their existing iPhone or perhaps get an iPhone for the first time. Exclusive MacRumors iPhone 14 Pro renders by graphic designer Ian Zelbo Whether upgrading from an older model or this is your first iPhone, we've rounded up a few tips to help you prepare for the next flagship...
Read Full Article74 comments
battery percentage ios 16

Here's Why the iPhone Battery Status Icon in iOS 16 Is So Controversial

Wednesday August 10, 2022 4:34 am PDT by
In the latest iOS 16 beta, Apple has updated the status bar battery icon on iPhones with Face ID to display the exact percentage remaining rather than just a visual representation of battery level, and while the change has been largely welcomed, some users are unhappy with the way it has been implemented. In iOS 15 and earlier, battery percent has not been present on iPhones that have...
Read Full Article254 comments
Apple Watch Body Temperature Finished

'High-Accuracy' Apple Watch Temperature Sensor Revealed by Patent Filing Just Weeks Before Series 8 Unveiling

Wednesday August 10, 2022 5:39 am PDT by
Apple has been granted a patent for a temperature sensor suitable for the Apple Watch, just weeks before the company is expected to unveil the Apple Watch Series 8 with body temperature sensing capabilities. The newly granted patent, spotted by MyHealthyApple, was filed with the United States Patent and Trademark Office and is titled "Temperature gradient sensing in electronic devices."...
Read Full Article76 comments