Apple's hardware has the long-standing reputation of being more immune to malware; mainly, this is because Apple’s machines are less popular, giving less avenue of attack for attackers’ pernicious payloads. That is, until now: hackers have debuted malware specifically geared to run on Apple’s M1 processors, including the Mac Mini, MacBook Pro 13-inch M1, MacBook Air M1 (2020).
When Apple launched the M1 chip, it deviated from the Intel x86 architecture, giving the Cupertino-giant the ability to streamline its security features under one hood, natively baking protections into its processors. With all manner of dangerous malware already so endemic to hardware and browsers, the very first Apple M1 MacBook malware reports have now surfaced from veteran MacBook security researcher, Patrick Wardle, who has published research around a malicious Safari adware extension.
- Sonos confirm March 9 event: Bluetooth speaker or noise-canceling headphones incoming?
- Skullcandy is hot on Bose's heels with its new Active Noise Cancelling Hesh headphone range
- Google Pixel photo perks heading to other Android phones – but you have to pay
The malware strain was first developed for Intel x86 chips before being revised to target the M1 series of MacBooks. The payload, GoSearch22, is a member of the now-infamous Pirrit Mac adware family.
Wardle writes in his blog, “Today we confirmed that malicious adversaries are indeed crafting multi-architecture applications, so that their code will natively run on M1 systems.”
Ne'er-do-wells will deploy adware en masse, generating huge streams of income by mercilessly spamming users with pop-ups and adverts. Wardle says that the adware was signed via an Apple developer ID; interestingly, this would circumvent the safety net of Gatekeeper on macOS, which signals potential threats that lurk in unopened applications. This means being even warier when using an Apple machine – or, you could play it safe with a device from our best laptop list.
Malware is an omnipresent threat to the integrity of security systems across the globe, but this M1-targeting strain of the Pirrit family is of much concern due, in part, to the number of existing antivirus systems that easily sniffed out the Intel variants, but mesmerically overlooked the M1 strains.
“Certain defensive tools like antivirus engines struggle to process this ‘new’ binary file format,” Wardle adds, “They can easily detect the Intel-x86 version, but failed to detect the ARM-M1 version, even though the code is logically identical.” So, if you're weighing up what premium bit of Apple kit you might need, it's good to keep this top-of-mind.
Of course, it's always worth practicing strong operational security by updating your system, staying clear of suspect links, even using handy tab managers to make your digital workspace cleaner, and more orderly. That said, there's only so much that can be done, and it was only a matter of time before we started seeing malware engineered for M1 MacBooks.