Apple Silicon Malware, the First of Its Kind, Was Discovered by an Independent Security Researcher
The very first native Apple Silicon malware was discovered by independent security researcher Patrick Wardle. While he initially sang the praises of the security of these new Mac models thanks to the latest 5nm M1 chip, he has now found evidence of malware being recompiled to run on it.
Apple Has Revoked the Developer’s Certificate so It Can No Longer Run
Patrick Wardle is an ex-NSA security researcher who discovered that hackers were recompiling malware called GoSearch22.app (via AppleInsider). It’s the first native malware for the M1 Mac models, and the current version aims at displaying ads while also collecting the user’s browser data. He also mentions that such malicious code will continue to evolve as Apple comes out with newer hardware featuring the company’s custom silicon. This may also apply to the redesigned MacBook Pro models expected in the second quarter of 2021.
“Today we confirmed that malicious adversaries are indeed crafting multi-architecture applications, so that their code will natively run on M1 systems. The malicious GoSearch22 application may be the first example of such natively M1 compatible code. The creation of such applications is notable for two main reasons. First (and unsurprisingly), this illustrates that malicious code continues to evolve in direct response to both hardware and software changes coming out of Cupertino.”
Wardle also mentions that anti-virus tools used to detect malware on Apple’s Intel-based Macs failed to detect GoSearch22.app on the M1 models. This may simply be a matter of these anti-virus programs updating their databases to detect new malware, since native malware for M1 Macs is fairly new. Wardle also mentions that since Apple revoked the developer’s certificate, the app can no longer run.
“What is not known is if Apple notarized the code. We cannot answer this question, because Apple has revoked the certificate.”
It’s also unclear how many macOS users were affected, since no user has reported unusual ads being displayed on their Apple Silicon Macs. We’ll have to wait and see whether users report any strange activity on their Macs in different forums, and we will inform our readers in the future, so stay tuned.
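The multi-architecture packaging Wardle describes can be checked on any file. The following is an added example (not from the article or from Wardle's research) that parses the Mach-O universal header and lists each architecture slice, so a defender can see when a binary carries a native arm64 slice alongside the Intel one. The function names and the sample bytes are constructed for illustration.

```python
import struct

FAT_MAGIC, FAT_MAGIC_64 = 0xCAFEBABE, 0xCAFEBABF  # universal header, always big-endian
# Thin Mach-O magics as read big-endian -> byte order of the rest of the header
THIN = {0xFEEDFACE: ">", 0xFEEDFACF: ">", 0xCEFAEDFE: "<", 0xCFFAEDFE: "<"}
CPU = {0x00000007: "i386", 0x01000007: "x86_64", 0x0000000C: "arm", 0x0100000C: "arm64"}
MAX_ARCHS = 30  # heuristic: Java .class files share 0xCAFEBABE but hold a version >= 45 here


def list_slices(data: bytes):
    """Return [(arch, offset, size)] for a Mach-O image, or [] if it is not Mach-O."""
    if len(data) < 8:
        return []
    magic, count = struct.unpack_from(">II", data, 0)
    if magic in THIN:  # single-architecture file: cputype follows the magic
        (cpu,) = struct.unpack_from(THIN[magic] + "I", data, 4)
        return [(CPU.get(cpu, hex(cpu)), 0, len(data))]
    if magic not in (FAT_MAGIC, FAT_MAGIC_64) or not 0 < count <= MAX_ARCHS:
        return []
    # fat_arch: cputype, cpusubtype, offset, size, align (fat_arch_64 widens offset/size)
    fmt = ">IIIII" if magic == FAT_MAGIC else ">IIQQII"
    step, slices = struct.calcsize(fmt), []
    for i in range(count):
        pos = 8 + i * step
        if pos + step > len(data):
            raise ValueError("truncated fat_arch table")
        cpu, _sub, off, size = struct.unpack_from(fmt, data, pos)[:4]
        if off + size > len(data):
            raise ValueError("slice extends past end of file")
        slices.append((CPU.get(cpu, hex(cpu)), off, size))
    return slices


def has_native_arm64(data: bytes) -> bool:
    return any(arch == "arm64" for arch, _, _ in list_slices(data))


def build_sample() -> bytes:
    """Constructed sample: a fat header plus two dummy 32-byte slices (no real code)."""
    x86 = struct.pack("<II", 0xFEEDFACF, 0x01000007).ljust(32, b"\0")
    arm = struct.pack("<II", 0xFEEDFACF, 0x0100000C).ljust(32, b"\0")
    hdr = struct.pack(">II", FAT_MAGIC, 2)
    hdr += struct.pack(">IIIII", 0x01000007, 3, 64, len(x86), 0)
    hdr += struct.pack(">IIIII", 0x0100000C, 0, 128, len(arm), 0)
    return hdr.ljust(64, b"\0") + x86.ljust(64, b"\0") + arm


if __name__ == "__main__":
    for arch, off, size in list_slices(build_sample()):
        print(f"{arch:8} offset={off} size={size}")
```

To inspect a real file, pass its bytes to `list_slices`; each returned offset and size delimits one slice that can be hashed or scanned separately.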
News Source: Patrick Wardle