Mac Malware is Getting Smarter

I still bump into people who think their Macs are somehow immune to malware. That just isn’t the case. Mac users are just as able to download malicious code as Windows users are. Historically, however, we’ve had some advantages on the Mac:

A Smaller Target
There just are not as many Macs in the world as there are Windows computers. Moreover, often the targets of malware (business and financial institutions) don’t run Macs.

Apple’s Increasing Emphasis on Security
Apple has been putting the screws down on macOS for years now. They’ve steered users toward the App Store, where they have more control over the apps you install on your Mac. They’ve rebuilt the plugin systems for Apple Mail and Safari so they are much more secure. They’ve implemented a notarization system for apps, and they’ve even created a way to disable binaries remotely from Apple’s servers.

These two factors have combined to give Mac users a false sense of security. All that said, if you install an app from an untrusted source (or from one of your trusted sources that was unknowingly compromised, which happens), you are fully capable of installing malware on your system.

That happened over the past few months with a malicious payload known as Silver Sparrow. (Red Canary did an excellent job documenting it.) It looks like this one was caught before it did any real damage (and Apple has now disabled the binary), but the advantage of catching this unexploded bomb was that it gave security researchers an opportunity to study it in detail. Silver Sparrow was designed to launch additional software that would do who knows what. It was also designed to cover its own tracks. It was very sophisticated software designed to run on both Intel and Apple Silicon Macs. Malware is increasingly targeting the Mac at a time when malware is getting increasingly advanced.

You shouldn’t be paranoid, but you also shouldn’t assume you are safe just because you are on a Mac. Don’t install software from unknown developers. Be careful around unknown download links and email attachments. In short, keep your head screwed on.

Whenever this question comes up, I get asked if I’m running virus software on my Mac. Currently, I am not. In my experience, virus software too often comes with its own set of headaches. However, reading about Silver Sparrow has me considering it again.