Silver Sparrow Malware

The Silver Sparrow Malware is a Trojan downloader that downloads and installs additional threats without the user's consent. It's compatible with macOS systems, including both M1 processor-based hardware and older Intel x86 ones. Users should respond to infections by disabling their Internet connections and removing the Silver Sparrow Malware as soon as possible with any appropriate anti-malware solution.

How Fast Hardware Updates Fall to Hackers

After the recent campaign of the Pirrit adware variant, GoSearch22, customers upgrading their Mac hardware are encountering security troubles coming out of the gate. The supposed security of M1 processors, while an apparent improvement over older Intel models, is far from impenetrable. The Silver Sparrow Malware is the second attempt at piercing these defenses and is more overtly hostile than advertising software.

This Week In Malware Episode 41 Part 1: Silver Sparrow Malware Floods and Infects 30,000 Mac Computers Causing Mass Hysteria

Although malware experts see evidence of the Silver Sparrow Malware's development going back to last year, its campaign's final payload is still unknown. The Trojan uses JavaScript, instead of the more traditional pre- or post-installation scripts, as part of its obfuscation efforts, and Amazon cloud services for C&C infrastructure. There are also at least two versions of the Silver Sparrow Malware: one for M1 processor architecture and one for Intel x86.

The Trojan contacts its C&C server on an hourly basis and also reports the success of the initial installation. Presumably, the threat actor will eventually provide more downloadable components for the Silver Sparrow Malware, such as adware, spyware, or a more comprehensive backdoor Trojan. Of course, these downloads and file executions require no permission from the user and occur as hidden background processes.

Minding One's Manners Around Newly-Baked Trojans

Users can avoid inviting threats like the Silver Sparrow Malware onto their systems by not downloading illegal files, not using weak passwords, and not putting off updates to software that includes public vulnerabilities. Although malware experts can't confirm the Silver Sparrow Malware's current distribution exploits, a Red Canary report suggests a high chance that threatening search results are responsible. Disabling features like Flash and JavaScript is also preferable for protecting Safari and other Web browsers from exploit kits and drive-by downloads.

Malware experts also recommend against treating manual spotting of Silver Sparrow Malware installations as a substitute for comprehensive protection through security solutions. However, there are some processes associated with the Silver Sparrow Malware and similar threats. The 'curl,' 'sqlite3,' and 'PlistBuddy' processes are known factors, with the latter two including additional command-line arguments.

The Silver Sparrow Malware uses a LaunchAgent-based persistence method, and users should assume that it's always active unless they take steps to disable it. Disconnect from the Internet as soon as possible after infection and let a dedicated anti-malware product remove the Silver Sparrow Malware.
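
A read-only triage of LaunchAgent property lists, combining the named tools, the hourly check-in and the LaunchAgent persistence described above. This is an added example in Python, not code from the original article or from any vendor; the sample agents, their labels and URL are constructed, and the heuristics (inline shell command, 3600-second interval) are assumptions drawn from the article's description, not published indicators.

```python
import plistlib
from pathlib import Path

WATCHED_TOOLS = {"curl", "sqlite3", "PlistBuddy"}  # process names from the article
SHELLS = {"sh", "bash", "zsh"}
HOURLY = 3600  # seconds; assumption based on the hourly check-in described above

# Constructed sample agents (hypothetical labels and URL, not real indicators).
SAMPLE_SUSPECT = plistlib.dumps({
    "Label": "com.example.checkin",
    "ProgramArguments": ["/bin/sh", "-c", "/usr/bin/curl https://example.invalid/status"],
    "RunAtLoad": True,
    "StartInterval": 3600,
})
SAMPLE_BENIGN = plistlib.dumps({
    "Label": "com.example.helper",
    "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/helper"],
    "RunAtLoad": True,
})

def triage_agent(plist_bytes):
    """Return the reasons a LaunchAgent plist deserves a closer look ([] if none)."""
    try:
        job = plistlib.loads(plist_bytes)
    except Exception:
        job = None
    if not isinstance(job, dict):
        return ["unparseable plist"]
    args = job.get("ProgramArguments") or [job.get("Program", "")]
    args = [str(a) for a in (args if isinstance(args, list) else [args])]
    # Basename of every word, so "/usr/bin/curl" inside a shell string still matches.
    names = {Path(word).name for arg in args for word in arg.split()}
    reasons = ["invokes " + tool for tool in sorted(names & WATCHED_TOOLS)]
    if Path(args[0]).name in SHELLS and "-c" in args[1:]:
        reasons.append("runs an inline shell command")
    if not reasons:
        return []  # plain application helper: scheduling alone is not a signal
    if job.get("StartInterval") == HOURLY:
        reasons.append("scheduled every hour")
    if job.get("RunAtLoad") is True:
        reasons.append("runs at load")
    return reasons

def scan(directory=None):
    """Triage every *.plist in a LaunchAgents directory (per-user one by default)."""
    directory = Path(directory or Path.home() / "Library" / "LaunchAgents")
    found = {p.name: triage_agent(p.read_bytes()) for p in sorted(directory.glob("*.plist"))}
    return {name: why for name, why in found.items() if why}
```

Calling `scan()` with no argument checks the current user's `~/Library/LaunchAgents`; a hit is a prompt for review, since legitimate software also registers agents that call these tools.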

The Silver Sparrow Malware is flying high, fast, but with a questionable destination. There's little telling what's next for the Silver Sparrow Malware's payload, except that it can't be anything beneficial to the macOS users experiencing its payload.

2 Comments

Eevan Stavrakov

Will SpyHunter remove backdoor invasions such as Silver Sparrow automatically or not? I.e., I don't want to have to keep removing that thing because it reinfects every hour or so.

Yes, SpyHunter will detect and remove it automatically.
