Silver Sparrow: Mysterious malware discovered on 29,000+ Macs

0
3


Security researchers have discovered new malware that has already made its home on Macs. So far, however, she has not done anything except wait for further orders.  The  malware called Silver Sparrow comes as an installation package on Macs and obviously has to be installed by the user first. © www.de24.news

 The re is both an “updater.pkg”, which is designed for Intel Macs, and an update.pkg, which supplies a program adapted for Intel and ARM Macs in the standard Mach-O binary format, such as the security company Red Canary explained.

According to the security company’s analysis, the program is nothing more than a “viewer”. When it is opened, it either simply shows “Hello, World!” or “You did it!” at. © www.de24.news

 The  malware uses the installer JavaScript interface of macOS to execute shell scripts and to settle permanently on the system as a LaunchAgent. Silver Sparrow contacted a command server every hour to load and execute additional content. © www.de24.news

 The  tool was observed for over a week, but no payload was reloaded, which is why the target of the malware remains a mystery, according to the security researchers.

© www.de24.news

 The  AV tool Malwarebytes was able to detect an infection with Silver Sparrow on more than 29,000 Macs by mid-February; the malware was particularly frequently installed on Macs in the USA, Great Britain, Canada, France and Germany.

It is unclear how the installation package is delivered. © www.de24.news

 The  security researchers suspect that it is sold through various channels and disguised as legitimate Mac software that is offered for download on Macs via manipulated advertising banners or search results. Apple has apparently withdrawn the developer certificates used by the installation packages for signing.


More from Mac & i


More from Mac & i

What is unusual for malware that is so common in the wild is that it has a self-destruct routine with which it is supposed to disappear from an infected Mac without a trace. This too has apparently not been ignited so far, according to the security researchers. Such techniques are otherwise more likely to use malware that is targeted against individuals.


(lbe)

To home page





[ source link ]
https://www.heise.de/news/Silver-Sparrow-Mysterioese-Malware-auf-ueber-29-000-Macs-entdeckt-5062066.html

Silver Sparrow Mysterious malware discovered Macs

LEAVE A REPLY

Please enter your comment!
Please enter your name here