Apple Takes Step to Prevent Further Spread of 'Silver Sparrow' Malware on Macs - MacRumors
Skip to Content

Apple Takes Step to Prevent Further Spread of 'Silver Sparrow' Malware on Macs

by

Over the weekend, we reported on the second known piece of malware compiled to run natively on M1 Macs. Given the name "Silver Sparrow," the malicious package is said to leverage the macOS Installer JavaScript API to execute suspicious commands. After observing the malware for over a week, however, security firm Red Canary did not observe any final payload, so the exact threat to users remains a mystery.

mac security privacy
Nonetheless, Apple has since informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected. Apple also reiterated that Red Canary found no evidence to suggest the malware has delivered a malicious payload to Macs that have already been infected.

For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues.

Malware targeting M1 Macs has simply been compiled to run natively on the Arm-based architecture of the M1 chip, now that Intel-based Macs are slowly being phased out. For more details about the "Silver Sparrow" malware, read our earlier coverage.

Tag: macOS Security

Popular Stories

Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching Later This Year With These 10 New Features

Tuesday May 26, 2026 6:32 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article52 comments
apple wallet drivers license feature iPhone 15 pro

Apple Just Expanded iPhone Driver's License Feature to Arkansas

Wednesday May 27, 2026 9:41 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. Starting today, the feature is available in Arkansas, which is the 14th state to offer it. However, it may take some time to roll out to all users. To...
Read Full Article49 comments
Apple Watch Blood Glucose Monitoring Feature 2

Apple Watch for Diabetes: The Latest on Apple's Plans for Non-Invasive Blood Sugar Monitoring

Tuesday May 26, 2026 9:30 am PDT by
For many years now, it has been rumored that the Apple Watch will eventually gain non-invasive blood sugar monitoring capabilities, which would enable millions of people with diabetes to track their blood glucose levels without needing to prick their skin with a needle or wear a dedicated continuous glucose monitor. According to Bloomberg's Mark Gurman, Apple recently shifted oversight of...
Read Full Article76 comments

Top Rated Comments

B
Brian Y
69 months ago
This is going to end up the same way as all DRM - inconveniencing genuine users whilst bad guys find ways around it.

If Apple really had automated detection and scanning, how did it manage to infect so many machines?
Score: 15 Votes (Like | Disagree)
MacSince1985 Avatar
MacSince1985
69 months ago
Red Canary vs. Silver Sparrow. It's time to call in reinforcement from Purple Owl and Green Chickadee!
Score: 13 Votes (Like | Disagree)
jlc1978 Avatar
jlc1978
69 months ago
More importantly, how do you detect it and remove it?
Score: 13 Votes (Like | Disagree)
K
Kazgarth
69 months ago
They should include something like Windows Defender to allow the user to scan his system files on demand, when in doubt.
Score: 11 Votes (Like | Disagree)
Populus Avatar
Populus
69 months ago
Something tells me that the issue, deep down, is not solved. Yeah, Apple has revoqued the certificate, so then what? Can this happen again? I’d say yes...
Score: 8 Votes (Like | Disagree)
P
PJWilkin
69 months ago

The police doesn't deal with these types of matters. It requires a higher authority.
The Vatican ? 😁
Score: 7 Votes (Like | Disagree)
Read All Comments