Bleeping Computer reports that 29,139 Mac devices across the world, including the US, Canada and Germany, have been infected with a new macOS malware known as Silver Sparrow.
According to Red Canary researchers, the new malware has been distributed as files named 'update.pkg' [VirusTotal] or 'updater.pkg' [VirusTotal], with the update.pkg including both an Apple M1 and an Intel x86_64 binary, while the updater.pkg only has the executable Intel file.
They could not find the real purpose of the malware and "[we] have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution," the Red Canary report stated.
Malwarebytes' Thomas Reed said they have no idea how Silver Sparrow is installed. "We don’t know how users would have initially found that installer. In fact, I’m a bit skeptical that it may even still be in distribution, in this form, at least," he added.
Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.