First Apple Silicon Malware in the Wild
The first malware native to Apple Silicon M1 Macs has been discovered by independent security researcher Patrick Wardle.
Thank you for reading this post, don't forget to subscribe!
Ex-NSA researcher Patrick Wardle has recently praised Apple for the security of its M1 processor, but even so has now discovered evidence of hackers recompiling malware for it.
Wardle discovered the existence of GoSearch22.app, an M1-native version of the longstanding Pirrit virus. This version appears to have been aimed at displaying ads and collecting data from the user’s browser.
“Today we confirmed that malicious adversaries are indeed crafting multi-architecture applications, so that their code will natively run on M1 systems,” says Wardle in a blog post. “The malicious GoSearch22 application may be the first example of such natively M1 compatible code.”
“The creation of such applications is notable for two main reasons,” he continues. “First (and unsurprisingly), this illustrates that malicious code continues to evolve in direct response to both hardware and software changes coming out of Cupertino.”
“There are a myriad of [sic] benefits to natively distributing native arm64 binaries, so why would malware authors resist?” he continues. “Secondly, and more worrisomely, (static) analysis tools or anti-virus engines may struggle [to detect this].”
Via: AppleInsider.com