"Attackers Already Unleashing Malware for Apple macOS M1 Chip"
The growing popularity of Apple Macs among enterprises is accompanied by the increasing number of malware variants targeting macOS. The arrival of Apple's new ARM64-based M1 processors has come with a new generation of malware specific to macOS. Most macOS-specific malware variants have been found to be repurposed from Windows malware variants. The shift to working from home due to the COVID-19 pandemic has increased the use of Macs for work activities as some employees' home offices include Mac devices, thus making them a more attractive target for attackers seeking to compromise enterprises. Mac security expert Patrick Wardle has already observed an increasing number of malware variants written specifically for the M1 platform. M1 provides faster and more efficient processing, graphics, and longer battery life. It also comes with new security features to protect the machine from remote exploitation and provide physical access protection. Still, Wardle discovered that new macOS malware could circumvent many anti-malware tools. Wardle will share his findings from the reverse engineering and analysis of M1-specific malware samples at Black Hat USA in Las Vegas to help threat hunters and researchers better detect such malware. When he split out the binaries for macOS malware (one built for the Intel-based Mac platform and the other for the M1-based platform), anti-malware systems were found to detect malware targeting the Intel platform more than macOS malware targeting the M1 platform, despite the binaries being logically identical. This finding suggests that existing antivirus signaures tend to be created only for the Intel variant of macOS malware. This article continues to discuss the increased targeting of Apple's new ARM-based M1 processors by malware authors and the research conducted by Patrick Wardle to help spot new macOS malware.
Dark Reading reports "Attackers Already Unleashing Malware for Apple macOS M1 Chip"