In a nutshell: A mysterious piece of macOS malware has been discovered by security researchers. The malware is thought to affect some 30,000 Macs around the world, including Apple's newer M1-powered computers. The malware forces affected Macs to check a control server once an hour, but the actual threat posed to users is so far a mystery.
The malware---identified by Red Canary researchers---has been found in 153 countries, with concentrations in the United States, the United Kingdom, Canada, France, and Germany. According to the researchers, Silver Sparrow, as they're calling this security threat is mysterious: so far, it simply forces affected computers to check a server once an hour, but that doesn't mean there's no potential risk.
Red Canary explains, "though we haven't observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest it's a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment's notice."
For that reason, the researchers are sharing everything they know about the Silver Sparrow before things get dangerous. Other than its oddly dormant state, the novelty of the malware also arises from its use of the macOS Installer JavaScript API to execute commands.
When installed on an Intel-based Mac, users will see a blank window displaying a "Hello, World!" message. On M1-powered Macs, you'll instead see a red window reading, "You did it!"
While Apple's macOS platform has historically been lauded as virus-free, we're seeing more and more pieces of malware targeting Macs---a rise due, at least in part, to the platform's growing user base.