"And honestly, I’m not at all surprised by the fact that it happened in Pirrit first. “It definitely was inevitable-compiling for M1 can be as easy as flicking a switch in the project settings," Reed says. But he adds that it's important for security researchers to be aware that native M1 malware is not just coming, but already here. Malwarebytes Mac security researcher Thomas Reed agrees with Wardle's assessment that the adware was not very novel in itself. The malicious extension, GoSearch22, is a member of the notorious Pirrit Mac adware family. Longtime Mac security researcher Patrick Wardle published findings on Wednesday about a Safari adware extension that was originally written to run on Intel x86 chips, but has now been redeveloped specifically for M1. Not to be outdone, malware authors have started making the transition too.
Worm mac emulator software#
That transition has required legitimate developers to work on building versions of their software that run “natively” on M1 for optimal performance rather than needing to be translated through an Apple emulator called Rosetta 2. Now hackers have debuted malware tailored to run on Apple's new ARM-based M1 processors, released for the MacBook Pro, MacBook Air, and Mac Mini in November.Īpple's M1 chip is a departure from the Intel x86 architecture Apple has used since 2005, and it gives Apple the opportunity to bake specific Mac security protections and features directly into its processors. There's adware and even ransomware tailored to Macs, and attackers are always looking to circumvent Apple's latest defenses.
Mac malware has always been less common than its Windows-targeting counterparts, but in recent years the threat to Apple computers has gone mainstream.