Almost 30,000 Macs infected with Silver Sparrow malware




A malware called Silver Sparrow has infected nearly 30,000 Apple Mac computers running macOS, including machines with Apple’s new M1 silicon chip. The data was discovered by security researchers at Red Canary, who subsequently analyzed the problem together with researchers from Malwarebytes and VMware Carbon Black.



These 29,139 cases are widely distributed: as of February 17, Silver Sparrow had affected computers in 153 countries. The most intense malware activity has been in the United States, United Kingdom, Canada, France and Germany, according to the research. It is no coincidence that in several of these countries the market share of Apple equipment is higher than average.

The cause of the infection is still not clear

Researchers monitoring the malware have never seen it in action while analyzing it. They were able to access infected computers, but the malware only waited to receive external orders in the form of commands, which never arrived during the inspection.

Despite this, Red Canary warns that the observed lack of activity does not mean Silver Sparrow poses no threat, since the inactivity could itself be a mechanism triggered when the malware detects an investigator or a proficient user. The biggest problem right now, beyond not knowing how it may manifest in the future, is that it is not known how Silver Sparrow is infecting so many computers.

The investigation mentions that the malware could arrive with cracked applications, malicious advertising or fake Flash updaters, which even after the retirement of Flash remain one of the most active “contagion” routes on macOS. As always, many of these installations occur after bypassing Gatekeeper security in ‘System Preferences’.

As reported by MacRumors, Apple has revoked the certificates of all developer accounts used to sign the affected packages, thus preventing their spread. Red Canary has not found any evidence that the malware has delivered malicious code to already infected computers.

What are the effects of the Silver Sparrow virus

Silver Sparrow is a RAT (Remote Access Trojan). It is similar to many Mac Trojans that we have come across recently, like Call me, CinaRAT, and Shlayer.

Silver Sparrow can be downloaded from any suspicious website, where it can be camouflaged as a patch, a crack, or something similar. The main idea is that you believe it is a legitimate application and allow it on your Mac. Once this happens, infection with this malware is inevitable.

But this is not the only way your Mac may be infected with Silver Sparrow. Other infection methods include receiving an email from hackers and downloading the email attachment. Most of these emails are spam and pretend that the attachment is very important, such as a plane ticket or a document from your bank. What happens is that once you open these emails, you can immediately become a victim of this malware.

Like any Trojan, Silver Sparrow malware can carry out activities that result in information loss on your Mac, information leaks, or even worse, permanent damage to your Mac.

The main risks that could be associated with the Silver Sparrow Trojan are probably the following:

  • It could steal your saved passwords.
  • It has access to your files.
  • It has the ability to delete files and other information.
  • It has the ability to edit files.
  • It can take screenshots.
  • It can record audio.
  • It can install other malicious programs.
  • It creates copies of itself to make manual removal difficult.
  • It can run a process, visible in Activity Monitor, that constantly monitors your keystrokes (what you type).
  • It can gather information from your system.

These risks are what make Silver Sparrow malware especially dangerous for your Mac, and its removal is highly recommended.

