NikolaNews

New ‘Silver Sparrow’ Malware Infected Nearly 30,000 Apple Macs

February 23, 2021

Days after the first malware targeting Apple M1 chips was discovered in the wild, researchers have disclosed yet another previously undetected piece of malicious software that was found in about 30,000 Macs running Intel x86_64 and the iPhone maker’s M1 processors.

However, the ultimate goal of the operation remains unclear: the lack of a next-stage or final payload leaves researchers unsure of its distribution timeline and whether the threat is just under active development.

Calling the malware “Silver Sparrow,” cybersecurity firm Red Canary said it identified two different versions of the malware — one compiled only for Intel x86_64 and uploaded to VirusTotal on August 31, 2020 (version 1), and a second variant submitted to the database on January 22 that’s compatible with both Intel x86_64 and M1 ARM64 architectures (version 2).

Adding to the mystery, the x86_64 binary, upon execution, simply displays the message “Hello, World!” whereas the M1 binary reads “You did it!,” which the researchers suspect is being used as a placeholder.

“The Mach-O compiled binaries don’t seem to do all that much […] and so we’ve been calling them ‘bystander binaries,’” Red Canary’s Tony Lambert said.

“We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution,” Lambert added.

The 29,139 macOS endpoints are located across 153 countries as of February 17, including high volumes of detection in the U.S., the U.K., Canada, France, and Germany, according to data from Malwarebytes.

Despite the difference in the targeted macOS platform, the two samples follow the same modus operandi: using the macOS Installer JavaScript API to execute attack commands by dynamically generating two shell scripts that are written to the target’s file system.

While “agent.sh” executes immediately at the end of the installation to inform an AWS command-and-control (C2) server of a successful installation, “verx.sh” runs once every hour, contacting the C2 server for additional content to download and execute.
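
A defender can check a package for this behaviour before it is installed. The following added example (not code from the article or from Red Canary) audits the `Distribution` file of an expanded package, for instance one unpacked with `pkgutil --expand`, for Installer JavaScript that launches processes. The function name, the finding fields and the sample file are assumptions made for illustration; the sample is constructed and benign.

```python
import re
import xml.etree.ElementTree as ET

# Installer JavaScript calls that launch a process from inside a package.
EXEC_CALL = re.compile(r"\bsystem\.(run|runOnce)\s*\(")
# Script names reported for Silver Sparrow in the article above.
REPORTED_SCRIPTS = ("agent.sh", "verx.sh")

# Constructed, benign Distribution file used only to exercise the audit.
SAMPLE_DISTRIBUTION = """<installer-gui-script minSpecVersion="1">
  <title>Example</title>
  <installation-check script="check()"/>
  <script><![CDATA[
    function check() {
      system.run("/bin/echo", "constructed sample mentioning verx.sh");
      return true;
    }
  ]]></script>
  <script>function unused() { return 1; }</script>
</installer-gui-script>
"""

def audit_distribution(xml_text):
    """Return one finding per <script> element that launches a process."""
    root = ET.fromstring(xml_text)
    check = root.find("installation-check")
    # Entry point named by <installation-check>, if the package has one.
    entry = check.get("script") if check is not None else None
    findings = []
    for index, node in enumerate(root.iter("script")):
        body = node.text or ""
        calls = [m.group(1) for m in EXEC_CALL.finditer(body)]
        if not calls:
            continue  # plain UI logic, nothing is executed
        findings.append({
            "script_index": index,
            "exec_calls": calls,
            "reported_names": [n for n in REPORTED_SCRIPTS if n in body],
            "installation_check": entry,
        })
    return findings

if __name__ == "__main__":
    for finding in audit_distribution(SAMPLE_DISTRIBUTION):
        print(finding)
```

A finding is a reason to review the package by hand, since legitimate installers also call these functions; a match on the reported script names is the stronger signal.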

Furthermore, the malware can completely erase its presence from the compromised host, suggesting that the actors behind the campaign place a premium on stealth.

In response to the findings, Apple has revoked the binaries that were signed with the Apple Developer IDs Saotia Seay (v1) and Julie Willey (v2), thus preventing further installations.

Silver Sparrow is the second piece of malware to contain code that runs natively on Apple’s new M1 chip. A Safari adware extension called GoSearch22 was identified last week to have been ported to run on the latest generation of Macs powered by the new processors.

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” Lambert said.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)
