What’s up with the new Mac malware?

Silver Sparrow is the name of the new malware for macOS. Here you can find out how it got onto systems and whether you could already be affected by it. […]

Recently, security researchers from Malwarebytes and other companies discovered a new malware threat: Silver Sparrow (c) pixabay.com

Recently, security researchers from Malwarebytes and other companies discovered a new malware threat: Silver Sparrow. The malware embeds itself on Apple systems – a rather rare phenomenon when you compare it to the numerous malware available for Windows. By mid-February, the said companies had already identified 29,000 infected Apple systems – systems in the USA, Great Britain, Canada, France and Germany in particular had a negative impact. Silver Sparrow use the Installer JavaScript interface to be able to execute shell scripts and to place themselves as LaunchAgent in the OS.

Silver Sparrow contacts a server at regular intervals to reload any new content from the network – but this has not yet happened. Silver Sparrow is delivered as a .pkg installation file and was signed with a valid developer certificate, so no warnings were displayed when installing on Macs. Apple has now withdrawn the certificate so that Silver Sparrow can no longer be installed in this way – but this would still be possible with a different certificate.

Do I have Silver Sparrow on my Mac?

There are certain indicators that suggest that Silver Sparrow has already found its way onto a system like Malwarebytes reported.

  1. Open the Finder.
  2. Press the combination cmd + shift + G and enter the path / tmp.
  3. If you find one of the following files in the folder that is now open, it is likely that you might have Silver Sparrow on your system: /tmp/agent.sh, /tmp/version.plist, or /tmp/version.json
  4. Repeat step 2 with the path ~ / Library and look for the entry ._insu
  5. The free software from Malwarebytes detects and removes the software OSX.SilverSparrow and is available here.

.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.