Moderators nukecad Posted February 23, 2021 Moderators Share Posted February 23, 2021 Quote A new macOS malware known as Silver Sparrow has silently infected almost 30,000 Mac devices with malware whose purpose is a mystery. .... According to Malwarebytes, this malware has infected 29,139 Mac devices across 153 countries, with high volumes in the United States, the United Kingdom, Canada, France, and Germany. https://www.bleepingcomputer.com/news/security/new-silver-sparrow-malware-infects-30-000-macs-for-unknown-purpose/ *** Out of Beer Error ->->-> Recovering Memory *** Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043 Link to comment Share on other sites More sharing options...
Moderators Andavari Posted February 25, 2021 Moderators Share Posted February 25, 2021 It's interesting that so many still think MacOS is immune to malware. Link to comment Share on other sites More sharing options...
Moderators nukecad Posted February 25, 2021 Author Moderators Share Posted February 25, 2021 It is strange why they still think that, probably Apple's propaganda (marketing) department. It just makes them more vulnerable to widespread infections like this one, maybe this will wake them up? Although no doubt Apple will say it's a one-off anomaly. *** Out of Beer Error ->->-> Recovering Memory *** Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043 Link to comment Share on other sites More sharing options...
Admin Dave CCleaner Posted February 25, 2021 Admin Share Posted February 25, 2021 9 hours ago, Andavari said: It's interesting that so many still think MacOS is immune to malware. I was clearing viruses off Macs with Virex back in the 90s, when the primary infection vector was shareware floppies. Macs have never had the market share to make them an attractive target for most for-profit malware authors, but since generally speaking Mac owners have more money than PC owners they do present a lucrative niche for phishing, identity theft and keyloggers. 1 hour ago, nukecad said: maybe this will wake them up? Nothing I have seen in the past 15 years would suggest that it will. Piriform Homepage - [CCleaner - CCleaner Mac - CCleaner Android - CCleaner Browser - Defraggler - Recuva - Speccy - Kamo] - Product Support Looking for your licence key, expiry date or download link? Check here first: https://www.ccleaner.com/support/license-lookup To find out how we protect your privacy - read CCleaner's Data Factsheet. What's new? Check the latest CCleaner for Windows release notes. Link to comment Share on other sites More sharing options...
Moderators nukecad Posted February 25, 2021 Author Moderators Share Posted February 25, 2021 TBH as this virus doesn't seem to do anything (yet) you have to wonder if this was maybe the whole point; to show thousands of Mac users how easily they could get infected? If thousands of Mac users suddenly go out and buy AV's for their Macs that's a lot of profit for someone (with Apple taking a cut). *** Out of Beer Error ->->-> Recovering Memory *** Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043 Link to comment Share on other sites More sharing options...
Willy2 Posted February 25, 2021 Share Posted February 25, 2021 - This could have been an attempt to see how vulnerable the MacOS is. It could have been meant to be a backdoor for future infections. System setup: http://speccy.piriform.com/results/gcNzIPEjEb0B2khOOBVCHPc A discussion always stimulates the braincells !!! Link to comment Share on other sites More sharing options...
Moderators Andavari Posted February 26, 2021 Moderators Share Posted February 26, 2021 With that article reporting 30K infections I doubt it was a merely "nice tap on the shoulder" just to get some attention without it actually being able to do something. Link to comment Share on other sites More sharing options...
Moderators nukecad Posted February 26, 2021 Author Moderators Share Posted February 26, 2021 It's interesting to note that Malwarebytes and Red Canary's investigation has found that in most cases the infection can only be implied by one file that gets left behind after it 'self-destructs'. Which shows that it did run on those machines and then deleted itself. Whether it actually did anything when run (gathered data, files, etc) is unknow because of the way it 'phones home' for a package of instructions on what to do, and so those instructions and what they do are unknown. (and being a package can be changed to do different things). https://blog.malwarebytes.com/mac/2021/02/the-mystery-of-the-silver-sparrow-mac-malware/ Quote The paths detected show a rather interesting pattern. The vast majority of “infections” are actually represented by the ._insu file, and machines that have that file present do not have any of the other components (as expected). PS. As of Tuesday the known infection count had risen to just under 40K. *** Out of Beer Error ->->-> Recovering Memory *** Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now