• WSD

Mac malware now might be the time...

Mac users, myself included, have always been lucky that malware developers have paid little attention to the platform. Whether to run antimalware has always been a bone of contention. I must admit that, having run antimalware on all my Macs, I have never received an alert that my machine is infected. Then again, that may be because I am careful about the sites I visit and our email domains are protected at two levels from phishing and spam.

That said, Macs have been vulnerable to adware or potentially unwanted programs (PUPs), but not malware. Things may be changing with the discovery of Silver Sparrow, which according to Malwarebytes had infected over 29,000 endpoints. Two things are interesting about this new threat. Firstly, it works not only on Intel-based Macs but also on the new Arm-based M1 chips. Secondly, it is currently passive, but every hour the 'command and control' (C2) agent requests the launchd process to execute a script that downloads a file, which determines whether further actions are required. To date, the script has taken no malicious actions; hopefully this will remain the case!
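As an added illustration (not part of the original post and not Silver Sparrow's own code), this Python sketch audits launchd job definitions for the pattern described above: a job that fires every hour and whose command downloads a file. The job labels, URLs and the curl/wget heuristic are assumptions made for the example, and the sample plists are constructed.

```python
import plistlib
import re
from pathlib import Path

# Assumptions for this sketch: generic heuristics, not Silver Sparrow indicators.
LAUNCHD_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]
FETCH_TOOLS = re.compile(r"\b(curl|wget)\b")

def runs_hourly(job):
    """True if the job fires once an hour, by interval or by calendar."""
    if job.get("StartInterval") == 3600:
        return True
    cal = job.get("StartCalendarInterval", [])
    entries = [cal] if isinstance(cal, dict) else cal
    # A calendar entry that sets only Minute leaves Hour as a wildcard.
    return any(set(e) == {"Minute"} for e in entries)

def fetches_remote_file(job):
    """True if the job's command line invokes a download tool."""
    args = job.get("ProgramArguments") or [job.get("Program", "")]
    return bool(FETCH_TOOLS.search(" ".join(map(str, args))))

def review_job(plist_bytes):
    """Return (label, flagged) for one launchd job definition."""
    job = plistlib.loads(plist_bytes)
    return job.get("Label", "<no label>"), runs_hourly(job) and fetches_remote_file(job)

def scan(dirs=LAUNCHD_DIRS):
    """Yield 'path: label' for flagged jobs on disk; unparseable files are skipped."""
    for d in dirs:
        for path in Path(d).expanduser().glob("*.plist"):
            try:
                label, flagged = review_job(path.read_bytes())
            except Exception:  # unreadable, malformed or non-dict plist
                continue
            if flagged:
                yield f"{path}: {label}"

# Constructed sample jobs (not taken from any real infection).
HOURLY_FETCH = plistlib.dumps({"Label": "com.example.agent", "StartInterval": 3600,
    "ProgramArguments": ["/bin/sh", "-c", "curl -s https://example.invalid/v.json -o /tmp/v.json"]})
DAILY_BACKUP = plistlib.dumps({"Label": "com.example.backup", "StartInterval": 86400,
    "ProgramArguments": ["/usr/local/bin/backup", "--quiet"]})
CALENDAR_FETCH = plistlib.dumps({"Label": "com.example.cal", "StartCalendarInterval": {"Minute": 15},
    "ProgramArguments": ["/bin/bash", "-c", "wget -q https://example.invalid/cfg"]})

if __name__ == "__main__":
    for sample in (HOURLY_FETCH, DAILY_BACKUP, CALENDAR_FETCH):
        print(review_job(sample))
    print(list(scan()))
```

A flagged job is a prompt for review rather than proof of infection, since legitimate updaters can match the same pattern.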

The success of Silver Sparrow shows that Macs are not immune to dropper-type malware, and it may lead malware developers to look at using the code to distribute more than PUPs.

So if you are not running antimalware on your Mac, now might be the time to reconsider. Reach out to us and we can set up a trial of SentinelOne to check whether you have been infected.
