Mac Malware Silver Sparrow, How Addigy Has You Covered

Jason Dettbarn | 02/23/2021

On Sunday, Feb 21, 2021, Red Canary researchers identified malware on nearly 30,000 Macs, with the total number of infected systems unknown. This new malware was quite sophisticated and demonstrated the demand for high-value, Mac-targeted hacks.

Removing Silver Sparrow with Addigy

Addigy published details of the Silver Sparrow malware on Monday, Feb 22, 2021, and added a Community Fact to identify infected systems along with a Community script to remove the malware from those devices. Current customers and trial users can leverage the new Fact and Script along with Addigy Monitoring, Alerting, and remediation to immediately alert System Admins of infected systems and clean those devices with no manual intervention.


Turn-Key Utility to Clean Silver Sparrow Malware off Macs

The payload that the malware leverages currently doesn’t show malicious execution but could be activated from this sleeper state at any time.  Ars Technica and 9to5Mac have provided very in-depth coverage and continue to cover developments.

Apple has taken steps to slow the spread by revoking the developer certificate signature for the malware installation package. It's important to note that this only stops new installs, and only prevents installation if Gatekeeper is enabled and set to force blocking of non-signed installation packages.

What makes this malware so concerning is that it was developed to be native on Intel and Apple M1 Macs.  It further demonstrates the sophistication and demand for high-value Apple Mac threats… and the need to manage the highly valued Mac users & devices.

Make sure you’re managing and protecting your Apple Macs today, with the most powerful Apple Management platform in the world. Contact our team at Addigy to learn how to get started.

 

Additional Resources:

Technical Analysis of Malware by Red Canary: https://redcanary.com/blog/clipping-silver-sparrows-wings/

