Apple said: It has taken steps to prevent the spread of malicious software known as Silver Sparrow across Apple’s M1 Mac computers.
The company stated that it had revoked the security certificates for developer accounts used to sign the packages, which prevents them from being installed on any other Mac devices.
In addition to certificate revocation, Apple notes that it also uses many protection devices and protection software in its products and services, while deploying regular software updates that can prevent threats from taking effect.
Apple’s moves to reduce any impact that malware could have in the future, as Silver Sparrow forces infected Macs to scan the control server once an hour.
Apple clarified that the malicious software has not yet provided any malicious code yet and that all programs downloaded outside of the Mac App Store provide industry-leading protection for users.
Apple requires all software documentation, whether downloaded from the App Store or elsewhere.
Nearly 30,000 Mac computers worldwide have been infected by the Silver Sparrow malware, according to researchers at the Red Canary security company.
And theExplained (Tony Lambert) Tony Lambert, analyst at Red Canary, says the malware does not display the behaviors expected from the usual adware that often targets macOS.
It is not clear what the target of the malware, which includes a self-destructing mechanism that may remove any traces of it, and it appears that it has not been used, and it is unclear what could trigger this functionality.
Notably, Silver Sparrow contains code that originally runs via Apple’s M1 chip, which was released in November, making it the second known malware to do so.
The researchers write: Although we haven’t noticed Silver Sparrow offering additional harmful parts yet, its compatibility with the M1 chip, global reach, relatively high infection rate, and operational maturity indicates Silver Sparrow is a serious threat.
Silver Sparrow has infected Macs in 153 countries as of February 17, with higher concentrations reported in the United States, the United Kingdom, Canada, France and Germany, according to data from the Malwarebytes website, which prevents ransomware attacks.