Silver Sparrow malware on 30,000 Macs leaves security pros confused


According to researchers, as of mid-February, Silver Sparrow malware has affected almost 30,000 macOS devices across 153 countries.


In early February, cybersecurity researchers at Red Canary discovered new malware on macOS, which they call “Silver Sparrow.”


What makes Silver Sparrow unusual is its use of JavaScript to execute itself and the emergence of a related binary compiled for Apple’s latest M1 ARM64 architecture. It is worth noting that Apple’s M1 chip is already being targeted by another piece of Mac malware discovered by ex-NSA researcher Patrick Wardle.


In Silver Sparrow’s case, as of mid-February, this malware has affected almost 30,000 macOS devices across 153 countries.




There are two versions of this malware. The defining difference between them is that one contained a Mach-O binary compiled for the Intel x86_64 architecture only, and the other contained a Mach-O binary compiled for both the Intel x86_64 and M1 ARM64 architectures.
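The architecture difference described above can be checked during triage by reading a file's Mach-O or universal (fat) header. The following is an added example, not code from Red Canary or the original article; the function name and the sample byte strings in the usage are constructed for illustration.

```python
import struct
import sys

CPU_ARCH_ABI64 = 0x01000000          # flag OR-ed into cputype for 64-bit CPUs
CPU_NAMES = {
    7: "i386",
    7 | CPU_ARCH_ABI64: "x86_64",
    12: "arm",
    12 | CPU_ARCH_ABI64: "arm64",
}
THIN_MAGICS = {0xFEEDFACE, 0xFEEDFACF}            # 32-bit and 64-bit Mach-O
FAT_MAGIC, FAT_MAGIC_64 = 0xCAFEBABE, 0xCAFEBABF  # universal binary headers


def _name(cputype):
    return CPU_NAMES.get(cputype, f"cputype_{cputype:#x}")


def macho_architectures(data):
    """Return the architectures in a Mach-O or universal binary ([] if neither)."""
    if len(data) < 8:
        return []
    # Thin Mach-O: header is stored in the byte order of the target CPU.
    for endian in ("<", ">"):
        magic, cputype = struct.unpack_from(endian + "II", data, 0)
        if magic in THIN_MAGICS:
            return [_name(cputype)]
    # Universal binary: header and arch table are always big-endian.
    magic, count = struct.unpack_from(">II", data, 0)
    if magic not in (FAT_MAGIC, FAT_MAGIC_64):
        return []
    entry = 20 if magic == FAT_MAGIC else 32      # sizeof fat_arch / fat_arch_64
    # Heuristic: Java class files also start with 0xCAFEBABE, so reject an
    # arch table that is empty or cannot fit inside the file.
    if count == 0 or 8 + count * entry > len(data):
        return []
    return [_name(struct.unpack_from(">I", data, 8 + i * entry)[0])
            for i in range(count)]


if __name__ == "__main__":
    # Usage: python macho_archs.py <file> [<file> ...]
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            archs = macho_architectures(fh.read(4096))
        print(f"{path}: {', '.join(archs) or 'not Mach-O'}")
```

A result of `x86_64` alone corresponds to the Intel-only version, while `x86_64, arm64` corresponds to the version built for both architectures.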


Moreover, Silver Sparrow also includes a self-destruct feature; however, there are no signs of this feature being used, which leaves the purpose of the mechanism unknown.

What makes Silver Sparrow uniquely interesting is the lack of a final payload. (A payload is the part of the malware that carries out the malicious action.)


Researchers have not yet discovered what harm this malware does to the system, which makes its true intent a complete mystery.



“Though we have ..