Apple’s latest MacBook line is equipped with the latest M1 chip. Recently an unknown malware infected around 30,000 devices globally. It’s is a very complex malware as it has features that most high-end malware has. It has the ability to completely remove itself from the system. It means that this malware is designed to carry out stealth operations on the device. Researchers around the world are still judging the malware’s capabilities and what threat it can cause.
The malicious binary is more mysterious still because it uses the macOS Installer JavaScript API to execute commands. That makes it hard to analyze installation package contents or the way that the package uses the JavaScript commands.
The malware has been found in 153 countries with detections concentrated in the US, UK, Canada, France, and Germany. Its use of Amazon Web Services and the Akamai content delivery network ensures the command infrastructure works reliably and also makes blocking the servers harder.
One more thing that makes this malware interesting is that it uses a macOS installer and JavaScript API to execute commands. Also, The malware gave the name SilverSparrow by researchers. The threat this malware can cause is still a mystery.
