A security researcher has discovered malware designed specifically for systems based on M1 processors.
Macs with Apple's new M1 processors have only been on sale for a few months, but they have already been targeted by cybercriminals. According to security researcher Patrick Wardle, he discovered a malicious application designed specifically for M1.
As Wardle explained, he discovered an advertising extension for the Safari browser called GoSearch22 was originally developed for Intel x86 processors. The extension is a variant of the Pirrit adware for Mac. In its current form, GoSearch22 is quite harmless – it collects user data and clutters the screen with ads, but in the future, developers can add more serious features to it.
Although using emulation on the new "Macs" can still run applications designed for Intel x86 processors, many developers create software versions specifically for M1. GoSearch22 is a clear confirmation that the developers of malicious / advertising programs carefully ensure that their creations have "native" compatibility with the latest Apple hardware.
Wardle discovered a malicious extension on the VirusTotal platform, uploaded there in December last year. The researcher found that although the platform's antivirus scanners marked the x86 version of the adware as malicious, 15% of them did not consider GoSearch22 under M1 malicious. That is, currently, not all antivirus solutions are fully ready to eliminate malware developed specifically for systems based on M1 processors.
As researcher Thomas Reed explained to Wired, compiling software for M1 is as simple as "clicking a switch in the project settings", so hackers may not have to work hard to adapt their malware to the latest processor from Apple.
Macs with Apple's new M1 processors have only been on sale for a few months, but they have already been targeted by cybercriminals. According to security researcher Patrick Wardle, he discovered a malicious application designed specifically for M1.
As Wardle explained, he discovered an advertising extension for the Safari browser called GoSearch22 was originally developed for Intel x86 processors. The extension is a variant of the Pirrit adware for Mac. In its current form, GoSearch22 is quite harmless – it collects user data and clutters the screen with ads, but in the future, developers can add more serious features to it.
Although using emulation on the new "Macs" can still run applications designed for Intel x86 processors, many developers create software versions specifically for M1. GoSearch22 is a clear confirmation that the developers of malicious / advertising programs carefully ensure that their creations have "native" compatibility with the latest Apple hardware.
Wardle discovered a malicious extension on the VirusTotal platform, uploaded there in December last year. The researcher found that although the platform's antivirus scanners marked the x86 version of the adware as malicious, 15% of them did not consider GoSearch22 under M1 malicious. That is, currently, not all antivirus solutions are fully ready to eliminate malware developed specifically for systems based on M1 processors.
As researcher Thomas Reed explained to Wired, compiling software for M1 is as simple as "clicking a switch in the project settings", so hackers may not have to work hard to adapt their malware to the latest processor from Apple.