Attackers Already Unleashing Malware for Apple macOS M1 Chip
It was only a matter of time. Apple Macs are growing in popularity in the enterprise - as is the number of malware variants targeting macOS. But the much-anticipated arrival of Apple's new system-on-a-chip, the M1, has spawned a new generation of macOS-specific malware that anti-malware tools, threat hunters, and researchers must quickly learn to spot and, ultimately, thwart.
Most macOs malware traditionally has been repurposed from Windows malware variants. But the pandemic's pivot to work-from-home sent more Macs to the enterprise as employees set up home offices (some with home Mac devices), making them a more lucrative target for attackers going after businesses.
Mac security expert Patrick Wardle has already seen increasing numbers of malware variants written specifically for the M1 platform, Apple's new ARM64-based microprocessor. M1 boasts faster and more efficient processing, graphics, longer battery life, and is now running in its new generation of Macs and the iPad Pro. It also comes with some new baked-in security features, including one that helps protect the machine from remote exploitation, as well as physical access protection.
Even so, Wardle found that new macOs malware can slip by many anti-malware tools. He will demonstrate next month in a talk at Black Hat USA in Las Vegas some techniques for threat hunters and researchers to spot these new malware variants, including understanding native M1 code and reverse-engineering code written for the processor.
