Apple Takes Step to Prevent Further Spread of 'Silver Sparrow' Malware on Macs - MacRumors
Skip to Content

Apple Takes Step to Prevent Further Spread of 'Silver Sparrow' Malware on Macs

Over the weekend, we reported on the second known piece of malware compiled to run natively on M1 Macs. Given the name "Silver Sparrow," the malicious package is said to leverage the macOS Installer JavaScript API to execute suspicious commands. After observing the malware for over a week, however, security firm Red Canary did not observe any final payload, so the exact threat to users remains a mystery.

mac security privacy
Nonetheless, Apple has since informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected. Apple also reiterated that Red Canary found no evidence to suggest the malware has delivered a malicious payload to Macs that have already been infected.

For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues.

Malware targeting M1 Macs has simply been compiled to run natively on the Arm-based architecture of the M1 chip, now that Intel-based Macs are slowly being phased out. For more details about the "Silver Sparrow" malware, read our earlier coverage.

Popular Stories

Apple Acquires Award Winning App Play Feature

Apple Acquires Award-Winning App 'Play'

Monday June 29, 2026 7:39 am PDT by
In February, Apple notified the European Commission that it would be acquiring certain assets from and have the right to hire certain employees from Rabbit 3 Times, the company behind the award-winning app design tool Play. The notification was published on the European Commission's website this week, following a four-month waiting period. Play was a Mac and iPhone app that allowed designers ...
iPhone 18 Pro Deep Red Feature

Apple 'Concerned' Over iPhone 18 Pro Data Leak From Supplier Tata

Monday June 29, 2026 11:46 am PDT by
Apple is "concerned" about a recent data leak from Tata Electronics, one of its manufacturing partners in India, reports Reuters. Tata Electronics was the target of a cyberattack, with confidential Apple documents stolen and shared on the dark web. Hackers were able to steal information about the iPhone 18 Pro and iPhone 18 Pro Max, including a list of suppliers, parts, and images of the...
series 10 apple watch titanium digital crown

Report: Apple Watch Redesign Coming Next Year With New Band System

Tuesday June 30, 2026 8:45 am PDT by
A "major overhaul" of the Apple Watch's design is due to arrive next year with a new system for connecting bands, according to a known Weibo leaker. In a set of recent posts, the leaker known as "Instant Digital" linked the new claim to older rumors about an "Apple Watch X" model, which was said to introduce a fresh design and break compatibility with the existing watch band system. Citing...

Top Rated Comments

70 months ago
This is going to end up the same way as all DRM - inconveniencing genuine users whilst bad guys find ways around it.

If Apple really had automated detection and scanning, how did it manage to infect so many machines?
Score: 15 Votes (Like | Disagree)
MacSince1985 Avatar
70 months ago
Red Canary vs. Silver Sparrow. It's time to call in reinforcement from Purple Owl and Green Chickadee!
Score: 13 Votes (Like | Disagree)
jlc1978 Avatar
70 months ago
More importantly, how do you detect it and remove it?
Score: 13 Votes (Like | Disagree)
70 months ago
They should include something like Windows Defender to allow the user to scan his system files on demand, when in doubt.
Score: 11 Votes (Like | Disagree)
Populus Avatar
70 months ago
Something tells me that the issue, deep down, is not solved. Yeah, Apple has revoqued the certificate, so then what? Can this happen again? I’d say yes...
Score: 8 Votes (Like | Disagree)
70 months ago

The police doesn't deal with these types of matters. It requires a higher authority.
The Vatican ? 😁
Score: 7 Votes (Like | Disagree)