Jump to content

30,000 Macs get mystery infection.


nukecad

Recommended Posts

  • Moderators
Quote

A new macOS malware known as Silver Sparrow has silently infected almost 30,000 Mac devices with malware whose purpose is a mystery.
....
According to Malwarebytes, this malware has infected 29,139 Mac devices across 153 countries, with high volumes in the United States, the United Kingdom, Canada, France, and Germany.

https://www.bleepingcomputer.com/news/security/new-silver-sparrow-malware-infects-30-000-macs-for-unknown-purpose/

*** Out of Beer Error ->->-> Recovering Memory ***

Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:
https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043

 

Link to comment
Share on other sites

  • Moderators

It is strange why they still think that, probably Apple's propaganda (marketing) department.

It just makes them more vulnerable to widespread infections like this one, maybe this will wake them up?
Although no doubt Apple will say it's a one-off anomaly.

*** Out of Beer Error ->->-> Recovering Memory ***

Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:
https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043

 

Link to comment
Share on other sites

  • Admin
9 hours ago, Andavari said:

It's interesting that so many still think MacOS is immune to malware.

I was clearing viruses off Macs with Virex back in the 90s, when the primary infection vector was shareware floppies.  Macs have never had the market share to make them an attractive target for most for-profit malware authors, but since generally speaking Mac owners have more money than PC owners they do present a lucrative niche for phishing, identity theft and keyloggers.

1 hour ago, nukecad said:

maybe this will wake them up?

Nothing I have seen in the past 15 years would suggest that it will.

Piriform Homepage - [CCleaner - CCleaner Mac - CCleaner Android - CCleaner Browser - Defraggler - Recuva - Speccy - Kamo] - Product Support

Looking for your licence key, expiry date or download link? Check here first: https://www.ccleaner.com/support/license-lookup
To find out how we protect your privacy - read CCleaner's Data Factsheet.
What's new? Check the latest CCleaner for Windows release notes

Link to comment
Share on other sites

  • Moderators

TBH as this virus doesn't seem to do anything (yet) you have to wonder if this was maybe the whole point; to show thousands of Mac users how easily they could get infected?

If thousands of Mac users suddenly go out and buy AV's for their Macs that's a lot of profit for someone (with Apple taking a cut).

*** Out of Beer Error ->->-> Recovering Memory ***

Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:
https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043

 

Link to comment
Share on other sites

  • Moderators

With that article reporting 30K infections I doubt it was a merely "nice tap on the shoulder" just to get some attention without it actually being able to do something.

Link to comment
Share on other sites

  • Moderators

It's interesting to note that Malwarebytes and Red Canary's investigation has found that in most cases the infection can only be implied by one file that gets left behind after it 'self-destructs'.

Which shows that it did run on those machines and then deleted itself.

Whether it actually did anything when run (gathered data, files, etc) is unknow because of the way it 'phones home' for a package of instructions on what to do, and so those instructions and what they do are unknown. (and being a package can be changed to do different things).

https://blog.malwarebytes.com/mac/2021/02/the-mystery-of-the-silver-sparrow-mac-malware/

Quote

The paths detected show a rather interesting pattern. The vast majority of “infections” are actually represented by the ._insu file, and machines that have that file present do not have any of the other components (as expected).

 

PS. As of Tuesday the known infection count had risen to just under 40K.

*** Out of Beer Error ->->-> Recovering Memory ***

Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:
https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.