Apple: Yep, the Secure System
March 12, 2021
One of the best things about Apple products is their resistance to viruses and malware. However, when a bad actor sinks their coding fangs into macOS and figures out how to corrupt the software, cyber security professionals pay attention. Ars Technica reports that “New Malware Found On 30,000 Macs Has Security Pros Stumped.”
The downloaded malware has yet to do anything nefarious other than ping a control server to check for new commands. Security experts believe that there could be an ultimate end action, but it has not happened yet. The malware also has a self-destruction capability, a feature usually reserved for stealth software. It also runs on the new M1 chip and uses the macOS Installer JavaScript API to execute commands. Red Canary researchers call the new malware “Silver Sparrow.”
Developers are skeptical about Silver Sparrow’s end purpose, but are impressed that it broke through Apple’s legendary defenses:
“An Apple spokesperson provided a comment on the condition they not be named and the comment not be quoted. The statement said that after finding the malware, Apple revoked the developer certificates. Apple also noted there’s no evidence of a malicious payload being delivered. Last, the company said it provides a variety of hardware and software protections and software updates and that the Mac App Store is the safest venue to obtain macOS software.
Among the most impressive things about Silver Sparrow is the number of Macs it has infected. Red Canary researchers worked with their counterparts at Malwarebytes, with the latter group finding Silver Sparrow installed on 29,139 macOS endpoints as of Wednesday. That’s a significant achievement.”
Apple thankfully caught the malware before any damage was done, but it proves that Macs are not invincible and that dedicated hackers can penetrate the OS. Will Apple start peddling virus protection software and add an exorbitant price tag?
Whitney Grace, March 12, 2021
Comments
2 Responses to “Apple: Yep, the Secure System”
The best thing about Mac’s security is that they simply are not targeted on a broad scale. It’s not that their defenses are stellar, it’s that no one really cares enough to go after that small of a market share. MacOS and iOS vulnerabilities/exploits have existed for decades and malware mitigations are readily available (Cylance, Carbon Black, others…).
As for Mac defenses being considered “legendary”… well – that’s as far as I would take it: as nothing more than a legend.
Hopefully Silver Sparrow will wake Mac users up to the reality that Apple’s platform is really just as indefensible as the alternatives when not hardened or deployed properly.
There is no “secure system” and it’s fallacious to suggest there is. But suggesting MacOS and iOS are just as shoddy as Windows or even as Linux is ignorance masquerading as sophistication. In particular, there are at present zero exploits for iOS that can survive rebooting the phone.
30,000 infected end-user Macs out of approximately 100M active worldwide is basically a drop in the bucket. Meanwhile there are estimates of 100,000 Microsoft Exchange servers compromised by the Hafnium vulnerability. These are professionally-managed servers, likely most are fully patched, and something in Microsoft security engineering left them open to this attack.
It’s important to find out the actual strengths and weaknesses of the operating systems you’re talking about.