Patrick Wardle is a legend in the Apple ecosystem, and one of the best independent security researchers out there.

Not long ago, he sang Apple's praises for the security of their M1 processor.

More recently, however, he made a rather disturbing discovery: malware in the wild that specifically targets the new chip.

Wardle had this to say about the matter:

"Today we confirmed that malicious adversaries are indeed crafting multi-architecture applications, so that their code will natively run on M1 systems. The malicious GoSearch22 application may be the first example of such natively M1 compatible code.

The creation of such applications is notable for two main reasons. First (and unsurprisingly), this illustrates that malicious code continues to evolve in direct response to both hardware and software changes coming out of Cupertino.

There are a myriad of [sic] benefits to natively distributing native arm64 binaries, so why would malware authors resist? Secondly, and more worrisomely, (static) analysis tools or anti-virus engines may struggle [to detect this]."

Unfortunately, a number of antivirus solutions that can detect this malware on Intel machines are unable to spot the Apple Silicon M1 variant. If there's a silver lining, though, it is that Apple moved quickly and revoked the developer's certificate. The downside of the revocation is that Wardle was unable to determine whether the binary was notarized, but either way, the bottom line is that macOS users were infected by the strain.
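A multi-architecture (universal) application carries its Intel and arm64 code as separate slices in one file, so a check that only matches the Intel slice says nothing about the arm64 one. The following is an added example, not code from the original article or from Wardle's research: a Python parser for the Mach-O universal header that lists every slice and hashes each one so it can be scanned on its own. The sample file is constructed, and the names `list_slices` and `build_sample` are chosen here.

```python
import hashlib
import struct

FAT_MAGIC = 0xCAFEBABE       # universal ("fat") header, stored big-endian
MH_MAGIC_64 = 0xFEEDFACF     # thin 64-bit Mach-O, little-endian on x86_64/arm64
CPU_NAMES = {0x01000007: "x86_64", 0x0100000C: "arm64"}

def _name(cputype):
    return CPU_NAMES.get(cputype, hex(cputype))

def list_slices(data):
    """Return [(arch, offset, size, sha256)] for each architecture slice."""
    if len(data) < 8:
        raise ValueError("too short to be a Mach-O file")
    magic, count = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        # Thin binary: one slice that spans the whole file.
        thin_magic, cputype = struct.unpack_from("<Ii", data, 0)
        if thin_magic != MH_MAGIC_64:
            raise ValueError("not a 64-bit Mach-O or universal binary")
        return [(_name(cputype), 0, len(data), hashlib.sha256(data).hexdigest())]
    # Java class files share this magic; their version field reads as a large count.
    if not 0 < count <= 32 or 8 + 20 * count > len(data):
        raise ValueError("implausible universal header")
    slices = []
    for i in range(count):
        # fat_arch entry: cputype, cpusubtype, offset, size, align (big-endian)
        cputype, _, offset, size, _ = struct.unpack_from(">iiIII", data, 8 + 20 * i)
        if offset + size > len(data):
            raise ValueError(f"slice {i} runs past end of file")
        digest = hashlib.sha256(data[offset:offset + size]).hexdigest()
        slices.append((_name(cputype), offset, size, digest))
    return slices

def build_sample():
    """Constructed two-slice universal file; slice bodies are bare header stubs."""
    def thin(cputype):  # mach_header_64: magic, cputype, six zeroed fields
        return struct.pack("<Ii6I", MH_MAGIC_64, cputype, 0, 0, 0, 0, 0, 0)
    x86, arm = thin(0x01000007), thin(0x0100000C)
    header = struct.pack(">II", FAT_MAGIC, 2)
    header += struct.pack(">iiIII", 0x01000007, 3, 64, len(x86), 0)
    header += struct.pack(">iiIII", 0x0100000C, 0, 128, len(arm), 0)
    return header.ljust(64, b"\0") + x86.ljust(64, b"\0") + arm

if __name__ == "__main__":
    for arch, offset, size, digest in list_slices(build_sample()):
        print(f"{arch:8} offset={offset:<5} size={size:<5} sha256={digest}")
```

Each slice has its own hash, so a detection keyed to the x86_64 slice will not match the arm64 slice of the same application; look up or scan every slice the parser reports.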

All of which is to say that if you own an M1, you will definitely benefit from the processor's improved security. It is not, however, a free pass. Hackers have already found a way to design malware to circumvent the improved security, and where there's one, you can bet there will be more to follow, so don't let your guard down.

About the Author

Marty Parker

Owner & General Manager

Marty is the Owner and General Manager of Heritage Digital. Marty has managed and built high-performing IT teams for over 30 years. He served 13 years in the manufacturing industry and 13 years in corporate-owned healthcare organizations. Before acquiring Heritage Digital, Marty was the Chief Information Officer of Carolinas Hospital System (now MUSC Health Florence Medical Center) in Florence, SC. Marty is passionate about educating and protecting people against cybercriminals.

Used with permission from Article Aggregator