The M1 chip is the latest processor for Apple Macs. Malware authors have already created Mac-specific binaries that target the ARM64 architecture used by these M1 processors. One of these malware downloaders, called Silver Sparrow, can use the macOS installer’s JavaScript API to communicate with a command-and-control infrastructure built on Amazon Web Services and Akamai’s content distribution network. The installer’s JavaScript API is also used to create persistence for the malware.
Building the binary for ARM64 allows the malware to run a bit faster and avoid some x86-focused security measures, according to Tony Lambert from Red Canary. The malware has no features unique to the M1, but it still has a greater chance of succeeding because of the relative lack of security tools available for the new M1 architecture. This attack indicates that attackers are shifting toward Macs rather than Windows-based computers, which have historically been more dominated by business applications.
Read more: Attackers Already Targeting Apple’s M1 Chip with Custom Malware