Barely a week ago, Patrick Wardle announced the discovery of the first piece of malware capable of slipping past the defenses of Apple’s M1, which was considered to be among the most secure commercially available technology. Now, it seems, there are two.
Researchers from Red Canary and Malwarebytes jointly discovered an insidious, stealthy malware strain that had found its way onto more than 30,000 Apple computers, including M1’s.
There are several things that make this a noteworthy discovery, but the biggest and most important are:
First, the M1 only recently came out and already at least two threats have been found in the wild that are capable of slipping past its impressive defenses. If there are two, there are probably others that we don’t yet know about.
Second, this malware strain was designed to self-destruct after delivering its payload, erasing all traces that it was ever there and making it virtually impossible to trace. Fortunately, the strain, dubbed ‘Silver Sparrow’ by those who discovered it, did not carry a payload. Its discovery allowed Apple to revoke its binaries, which should prevent any user from inadvertently installing it.
At this point, no one is quite sure who’s behind the malicious code, but it is highly advanced. Also, there’s the fact that it was spotted sans payload indicates that it may have been a trial run in anticipating of launching an attack with a potentially devastating payload. Unfortunately, that risk is still present, and again, this new strain seems capable of slipping past even the best antivirus defenses in the industry.
All of this underscores the fact that no matter how lavishly you spend on technology, you are not safe. You may make it relatively more difficult for the hackers to breach your system, but if they want in badly enough, they’re going to find a way. That means that in addition to top notch detection, you need to have rapid response teams ready in the event that you are breached. If this latest malware strain is any indication, it’s just a matter of time, no matter how much you spend on defense.