Hackers attack the M1 Mac with malware |
MacOS security researcher Patrick Wardle said Apple's Mac M1 was only released a few months ago, but hackers quickly began targeting the system.
The discovery of one of the earliest examples of malware designed to run locally on the Mac M1 shows that hackers have begun to adapt the malware to use the company's processors on the company's latest generation of Macs.
Migrating to M1 requires developers to create new versions of applications to ensure performance and compatibility. Malware writers take similar steps to create malware that can run locally on the M1 system.
Wardell has detailed a Safari plugin called GoSearch22 that was originally written for Intel x86 chips but can be modified for ARM-based M1 chips.
According to an example uploaded on December 27th through Alphabet's antivirus testing platform, VirusTotal, the facility first appeared on November 23, 2020.
“The extension collects user data and floods the screen with illegal ads. However, it can be updated with more harmful features,” Wardle said.
While the Mac M1 can run applications developed by emulating Intel x86 chips, many developers will continue to build the original M1 version of the software.
Wardle writes: The presence of GoSearch22 confirms that the authors of malware or adware work to ensure that their malware is compatible even with the latest Apple devices.
While this development illustrates how malware is evolving in direct response to hardware changes, Wardle cautioned that the arm64 binaries could have problems with scan tools or antivirus engines, and that software detection security levels are down 15% compared to the release. .
The GoSearch22 malicious extension might not be a new or dangerous feature. However, the emergence of new M1-compatible malware indicates that this is only the beginning and other variants may appear in the future.