Apple Takes Step to Prevent Further Spread of 'Silver Sparrow' Malware on Macs

Over the weekend, we reported on the second known piece of malware compiled to run natively on M1 Macs. Given the name "Silver Sparrow," the malicious package is said to leverage the macOS Installer JavaScript API to execute suspicious commands. After observing the malware for over a week, however, security firm Red Canary did not observe any final payload, so the exact threat to users remains a mystery.

mac security privacy
Nonetheless, Apple has since informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected. Apple also reiterated that Red Canary found no evidence to suggest the malware has delivered a malicious payload to Macs that have already been infected.

For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues.

Malware targeting M1 Macs has simply been compiled to run natively on the Arm-based architecture of the M1 chip, now that Intel-based Macs are slowly being phased out. For more details about the "Silver Sparrow" malware, read our earlier coverage.

Top Rated Comments

Brian Y Avatar
9 months ago
This is going to end up the same way as all DRM - inconveniencing genuine users whilst bad guys find ways around it.

If Apple really had automated detection and scanning, how did it manage to infect so many machines?
Score: 15 Votes (Like | Disagree)
MacSince1985 Avatar
9 months ago
Red Canary vs. Silver Sparrow. It's time to call in reinforcement from Purple Owl and Green Chickadee!
Score: 13 Votes (Like | Disagree)
jlc1978 Avatar
9 months ago
More importantly, how do you detect it and remove it?
Score: 13 Votes (Like | Disagree)
Kazgarth Avatar
9 months ago
They should include something like Windows Defender to allow the user to scan his system files on demand, when in doubt.
Score: 11 Votes (Like | Disagree)
Populus Avatar
9 months ago
Something tells me that the issue, deep down, is not solved. Yeah, Apple has revoqued the certificate, so then what? Can this happen again? I’d say yes...
Score: 8 Votes (Like | Disagree)
PJWilkin Avatar
9 months ago

The police doesn't deal with these types of matters. It requires a higher authority.
The Vatican ? ?
Score: 7 Votes (Like | Disagree)

Related Stories

Mac App Store General Feature

Apple's Craig Federighi: Mac Not Meeting the Bar for Customer Protection

Wednesday May 19, 2021 12:41 pm PDT by
Apple software engineering chief Craig Federighi is testifying in the ongoing Apple v. Epic games trial this afternoon, providing details about iPhone security to convince the judge that any change to the App Store policies would be detrimental to iPhone users. Epic Games wants the judge to force Apple to allow multiple app stores on iOS, similar to how it works on Mac, which would allow...
opera m1 macs

Opera Browser Gains Native M1 Mac Support

Thursday April 1, 2021 1:00 am PDT by
The minimalist Opera browser designed for the Mac was today updated with native Apple silicon support for M1 Macs, introducing notable speed improvements. With this release, the Opera browser runs two times faster on M1 Macs compared to the previous generation of the browser for smoother and quicker browsing performance. Along with M1 Mac support, today's update lets users set keyboard...
docker for mac

Docker Desktop for Mac Updated With Apple Silicon Support

Thursday April 15, 2021 9:00 am PDT by
Docker today announced that it has launched a new version of Docker Desktop for Mac with Apple silicon support, allowing developers to use the Docker software on the M1 MacBook Pro, MacBook Air, and Mac mini. Prior to launching, the version of Docker Desktop for Mac with M1 compatibility has been available as a technical preview, and Docker says that testers have found the software to be...
why mac website

Apple Explains Why You Should Buy a Mac

Friday May 21, 2021 10:44 am PDT by
Apple today added a new "Why Mac" explainer page to its main Apple.com website, which, as the name suggests, pitches reasons why customers should choose to buy a Mac. The Mac is "easy to learn," powerful, and equipped with tons of apps and free software updates.Easy to learn. Astoundingly powerful. And designed to let you work, play, and create in ways you never imagined. It's the computer...
m1 mac mini screen

M1 Macs Targeted by Additional Malware, Exact Threat Remains a Mystery

Saturday February 20, 2021 12:10 pm PST by
The second known piece of malware that has been compiled to run natively on M1 Macs has been discovered by security firm Red Canary. Given the name "Silver Sparrow," the malicious package is said to leverage the macOS Installer JavaScript API to execute suspicious commands. After observing the malware for over a week, however, neither Red Canary nor its research partners observed a final...
macbook air m1 unboxing feature

First Malware Running Natively on M1 Chip Discovered

Wednesday February 17, 2021 2:33 pm PST by
Malware specifically tailored to run on Apple's M1 chip has been discovered, indicating that malware authors have begun adapting malicious software for Apple's new generation of Macs with Apple silicon. Mac security researcher Patrick Wardle has now published a report, cited by Wired, that explains in detail how malware has started to be adapted and recompiled to run natively on the M1 chip. ...
parallels windows 10 arm mac

Parallels 16.5 Can Virtualize ARM Windows Natively on M1 Macs With Up to 30% Faster Performance

Wednesday April 14, 2021 7:00 am PDT by
Parallels today announced the release of Parallels Desktop 16.5 for Mac with full support for M1 Macs, allowing for the Windows 10 ARM Insider Preview and ARM-based Linux distributions to be run in a virtual machine at native speeds on M1 Macs. Parallels says running a Windows 10 ARM Insider Preview virtual machine natively on an M1 Mac results in up to 30 percent better performance compared ...
apple transporter

Apple Transporter and Microsoft Remote Desktop Gain Native M1 Mac Support

Thursday April 15, 2021 3:18 am PDT by
Apple has updated its Transporter app for developers with native support for Apple silicon Macs, while Microsoft has done the same for its Remote Desktop app. The Transporter app lets developers drag and drop binaries for quick upload to App Store Connect and easily view details like progress, warnings, errors, and delivery history. The added support for Apple silicon means developers...
intel go pc justin long

Intel Launches Heavily Biased 'PC vs. Mac' Comparison Website

Thursday March 18, 2021 11:56 am PDT by
As part of its barrage of attacks against M1 Macs, Intel this week launched a "PC vs. Mac" website that's biased heavily in favor of PC machines that are equipped with Intel chips and that makes questionable claims about Apple's M1 Mac lineup. Intel's website says that Apple's M1 Mac benchmarks don't "translate to real-world usage" and that when compared to PCs with 11th-Generation Intel...
maxresdefault

Luna Display's Mac-to-Mac Display Feature Now Works Over Ethernet and Thunderbolt

Wednesday May 5, 2021 1:14 pm PDT by
Astropad's Luna Display accessory that's able to turn an old iPad or Mac into a secondary display for a primary Mac was today updated with a new feature that's designed to allow Mac-to-Mac mode to work over Ethernet and Thunderbolt. The Luna Display is an alternative to Apple's Sidecar, allowing an iPad to be used as a display for a Mac. Unlike Sidecar, it works with other Macs, so you can...