Everything You Need to Know About the Latest macOS Malware (as Well as How to Best Protect Yourself)

Technology has brought us many great innovations in the past few decades and each innovation comes with many upgrades and improvements over time. Each year brings with it new software updates for each of our gadgets, or a newer version of our current device. It would seem that with technology there is always a version that is faster, better, more updated than the one before. 

As our technology experts continue to bring us all of these new updates, there are other experts that are working in unison in the background to roll out a completely different set of updates. These are specifically targeted to bring destruction and distress to those who are unfortunate enough to be affected …

Or infected. 

We’re talking about the malware which hackers send out to attack your device by invading your privacy, stealing your sensitive information and data and leaving a path of destruction behind them. A discovery was made recently which caused a relative amount of concern in the world of tech. 

A new strain of malware was detected which affected close to 30,000 Macs worldwide, with the greatest concentration of affected machines found in the United States, United Kingdom, Germany, France and Canada. At the moment this malware isn’t displaying the normal signs of malicious software; however, it is still early days and things could change rapidly.

Taking a Closer Look at the Sparrow

Earlier this year, a couple of detection engineers at Red Canary (a cyber security company) came across a strain of macOS malware that is affecting thousands of devices around the globe.

They have dubbed this new strain of malware Silver Sparrow and while it isn’t clear yet what the precise purpose of this malware is, it is best to assume that it was created for devious purposes since there is no such thing as “good malware.”

Silver Sparrow was designed to infect both Intel and M1-based Mac devices. While experts have been able to discover that this malware is designed to infect your computer system and open a back door for further malicious payloads, it isn’t clear yet what the ultimate goal of this new malware strain is.

What is curious is that even though experts kept a careful eye on this malware for over a week, they couldn’t find any evidence of a final payload (threat to users) from this malware, which leaves the purpose for this Silver Sparrow malware a complete mystery to the experts. 

There are currently two known versions of this malware. The first version made its appearance in August 2020 and was designed to infect Intel Macs, whilst the second version of Silver Sparrow first appeared in December 2020 and targeted the M1-based Macs.

Silver Sparrow seems to have magically appeared out of nowhere and it is causing much upheaval in the world of Mac as the consequences of being infected by this malware could be huge. 

What is concerning, though, is that once a computer is infected by this malware, it reports back to an unknown server roughly once an hour. This does raise the question: is this the calm before the storm?
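The hourly check-in described above is the kind of regular pattern defenders look for in outbound connection logs. The following is an added example, not code from Red Canary or from this article: it flags any process and destination pair that connects at a steady, roughly hourly interval. The log format, process names, host names and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample: "<ISO timestamp> <process> <destination>" per outbound connection.
# Process and host names are placeholders, not indicators from any report.
SAMPLE_LOG = """\
2021-02-18T08:00:12 unknown-agent callback-placeholder.example
2021-02-18T08:03:10 browser news-placeholder.example
2021-02-18T08:04:55 browser news-placeholder.example
2021-02-18T08:05:00 mailclient imap-placeholder.example
2021-02-18T08:10:00 mailclient imap-placeholder.example
2021-02-18T08:15:00 mailclient imap-placeholder.example
2021-02-18T08:20:00 mailclient imap-placeholder.example
2021-02-18T08:40:00 browser news-placeholder.example
2021-02-18T09:00:47 unknown-agent callback-placeholder.example
2021-02-18T10:01:03 unknown-agent callback-placeholder.example
2021-02-18T11:00:31 unknown-agent callback-placeholder.example
2021-02-18T11:15:20 browser news-placeholder.example
2021-02-18T11:16:02 browser news-placeholder.example
2021-02-18T12:00:58 unknown-agent callback-placeholder.example
"""


def find_beacons(log, period=3600, tolerance=300, min_events=4, max_jitter=0.1):
    """Return [(process, destination, mean_gap_seconds)] for flows repeating about every `period` s."""
    seen = defaultdict(list)
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        try:
            seen[(parts[1], parts[2])].append(datetime.fromisoformat(parts[0]))
        except ValueError:
            continue  # unparseable timestamp
    hits = []
    for (proc, dest), times in seen.items():
        if len(times) < min_events:
            continue  # too few connections to judge periodicity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Hourly on average AND steady: low spread relative to the mean gap.
        if abs(avg - period) <= tolerance and pstdev(gaps) / avg <= max_jitter:
            hits.append((proc, dest, round(avg, 1)))
    return sorted(hits)


if __name__ == "__main__":
    for proc, dest, avg in find_beacons(SAMPLE_LOG):
        print(f"{proc} -> {dest}: every ~{avg:.0f}s")
```

A hit only means the traffic is periodic; legitimate update checkers behave the same way, so each flagged destination still needs to be identified before drawing a conclusion.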

While not much is known about this malware, we do know that it is installed via Apple installer packages (i.e. .pkg files) that are named updater.pkg (appears to be a placeholder and says “Hello World!”) and update.pkg (also appears to be a placeholder with a message that says “You did it!”). What we don’t know, though, is how these files were delivered to each user. 

What happens is that when you click on the Continue button, even if you were to cancel or exit the installer before it completed, you would still have been infected. 

While Apple has taken action against Silver Sparrow by revoking the certificates for the developer accounts used by the malware (this means that if you weren’t infected by this malware before, then you are safe from being infected by it), there are still some steps to take which will enable you to better protect yourself from future malware attacks.

Applying the Necessary Patch

Mac users have been advised to install the latest Mac update, Big Sur 11.4, as soon as possible, as it has the necessary patch in it to prevent infection from the Silver Sparrow malware.

Before installing the update, make sure that your Mac is compatible with it. Another thing to do before installing any updates is to make sure that you have done a full backup of your computer.

Installing this new update will take a comparatively long time, so make sure you are connected to power and have a stable internet connection.

To begin the installation process, navigate to your Apple menu and click on System Preferences and then click on Software Update. Once the update appears, simply click on Update and then the new software update will start to download. After downloading the update, the installer will open automatically. 

Left-click on Continue and then follow the on-screen instructions. If at any time you are asked for permission to install a helper tool, you will need to enter the Administrator name and password which you normally use to log in to your Mac. Then you will need to left-click on Add Helper and the helper tool will be installed.

The process does take quite some time, so make sure that your Mac does not go into Sleep Mode. You also should not close the lid whilst the installation process is running, as this will interrupt the installation. 

Once this latest version is installed it should prevent you from getting the Silver Sparrow malware. In addition, your Mac comes with a built-in feature called Gatekeeper. This adds an extra layer of protection and will check all apps which you want to download or install from the internet, giving you a timely warning should it be something that is considered a danger to your Mac’s safety.

Safe Habits Lead to Stronger Security

One of the easiest and most effective ways to check whether or not you may have the Silver Sparrow malware is to run a third-party anti-malware program on your Mac.

There are quite a few anti-malware programs out there which could effectively find and remove malware from your computer, but you may want to install Malwarebytes since they worked alongside Red Canary in discovering how many users were infected with Silver Sparrow, and they are an affordable and reliable option to protect against future infections.

Installing anti-malware software doesn’t necessarily mean that you won’t ever get infected, though. However, it is a huge step in preventing future infections. It is considered safe practice to run a full malware scan at least once a month, although you can do so at more regular intervals too. While nothing is set in stone when it comes to advanced technology, as long as you are practicing safe habits when browsing online, you should be able to enjoy stronger security.

Always remember not to click on any links that advertise free prizes or easy downloads, stick to sites that are trusted and that you know are reliable, don’t download or install software from unknown sites and remember to trust your instincts. If something feels like it may be unsafe then it most likely is.

It is generally a good practice to not download or install any apps which you can’t get from your Apple Store. All the apps in the Apple Store have been vetted by Apple and therefore they are safe to use. 

One other thing to keep in mind is that if you get an email “alerting” you to the fact that you have “critical errors” on your Mac — don’t pay it any mind. These emails come from scammers and hackers who are trying to get access to your data and will become your worst nightmare if you click on those links. 

And last but most certainly not least, remember to practice safe email protocol — don’t open or download any attachments that do not come from a known and trusted source. All too often we click on links within an email without first verifying that it is from someone we know and trust. This quickly escalates into a problem that could quite easily have been prevented. 

As you can see, it doesn’t take much to add an extra layer of protection to your Mac, and it is certainly well worth the effort, especially considering this latest in malware attacks.

It would certainly save you the stress headache (as well as any other drama which can result from being a victim of this latest bird of prey) to go through the above steps to ensure that your extra layer of protection is in place.

As always, if you need any kind of additional help either understanding the latest macOS malware threat or protecting yourself from it, consider reaching out to HelpCloud Technicians for remote support.

Erik Fullmer

Director of Marketing

Erik was raised in many places in a military family but has long since called Utah home. He spends free time in his garden, in the mountains with his dog, and skis…a lot. He is actively earning the necessary certifications and training to become a certified winter mountain guide.

Erik graduated from Utah Valley University in 2011 with a bachelor’s degree in Behavioral Science and a minor in Spanish. Additionally, being raised by a German mother, he spent a part of his childhood and also the beginning of his professional career in Germany where he worked as a Digital Strategist for adesta, a locally owned business in Darmstadt. Speaking three languages has opened up the world to him and influences the breadth of topics covered in his articles. He has always held an affinity for the world wide web and its workings, development, history and future.

Being a key player in the development of, and Director of Marketing for HelpCloud, he takes the content displayed and utilized on HelpCloud extremely seriously.
