The malware, which the company calls Silver Sparrow, does not “present the behaviors we expect from the usual adware that is so often targeted at macOS systems,” wrote Tony Lambert, an intelligence analyst at Red Canary.
It is unclear what the purpose of the malware is. Silver sparrows include a self-destruct mechanism that appears not to have been used, the researchers said. It is also unclear what would trigger this feature.
“While we have not yet observed that Silver Sparrow provides additional malicious payloads, its compatibility with future M1 chips, global reach, relatively high infection rate, and operational maturity suggest that Silver Sparrow is a reasonable threat. serious, “the researchers wrote.
Silver Sparrow infected Macs in 153 countries as of Feb. 17, with higher concentrations in the United States, the United Kingdom, Canada, France and Germany, according to data from Malwarebytes, a website that blocks ransomware attacks.