#43 – How to Find and Remove The Little Bird in Your Macbook


AFFECTED USERS: Every (Apple) Macbook User

Hair of fire 4 of 5

SUMMARY: There is a new, somewhat mysterious malware package infecting Macbooks called “Silver Sparrow.”

We have talked about malware many times, but this particular package is interesting because it is spreading quickly, seems to have infected about 30,000 Macbooks so far, and is built for the future by being compatible with the new M1 Apple processor.

Several posts and articles seem to be mischaracterizing this malware as “new macbooks only.” Here is an example: https://www.businessinsider.com/apple-m1-computer-malware-attack-silver-sparrow-mac-mini-macbook-2021-2

But that’s not true. Silver Sparrow can infect any Macbook, with or without an M1 chip.

What is also interesting is that we don’t know what this malware does yet, because it just seems to be ‘calling’ its host server, and the host server does not respond with anything bad.

This is obviously a bit complex and concerning, so we brought in someone from the team that discovered Silver Sparrow. His name is Brian Donohue, Intelligence Analyst, Red Canary.

Brian has been writing about and researching information security for the last decade. He started his career as a journalist and later became a threat intelligence analyst. Now, he works at a prominent security company called Red Canary, which found and reported this new malware.

Welcome Brian!

Does Silver Sparrow affect only Macbooks?

How does Silver Sparrow get onto a Macbook? Does it seem that the malware was shipped with new Macbooks, or do Macbooks get infected later?

Can Silver Sparrow infect Macbooks that do *not* have an M1 chip?

Silver Sparrow malware seems to be calling back to a host for instructions, but the host has not yet replied. Why would the hacker do this? Do we know what event will trigger Silver Sparrow to do more than just call its host?

How can a Macbook user figure out if they have been infected? If a Macbook owner is infected, what should they do right now?

Antivirus Software:

Malwarebytes

Sophos

Published by

David W. Schropfer

David W. Schropfer is a technology executive, author, and speaker with deep expertise in cybersecurity, artificial intelligence, and quantum computing. He currently serves as Executive Vice President of Operations at DomainSkate, where he leads growth for an AI-driven cybersecurity threat intelligence platform. As host of the DIY Cyber Guy podcast, David has conducted hundreds of interviews with global experts, making complex topics like ransomware, AI, and quantum risk accessible to business leaders and consumers. He has also moderated panels and delivered keynotes at major industry events, known for translating emerging technologies into actionable insights. David’s entrepreneurial track record includes founding AnchorID (SAFE), a patented zero-trust mobile security platform. He previously launched one of the first SaaS cloud products at SoftZoo.com, grew global telecom revenue at IDT, and advised Fortune 500 companies on mobile commerce and payments with The Luciano Group. He is the author of several books, including Digital Habits and The SmartPhone Wallet, which became an Amazon #1 bestseller in its category. David holds a Master of Business Administration from the University of Miami and a Bachelor of Arts from Boston College.
