{"id":18174,"date":"2021-04-01T15:54:45","date_gmt":"2021-04-01T11:54:45","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/apple-m1-malware\/18174\/"},"modified":"2021-04-01T15:54:45","modified_gmt":"2021-04-01T11:54:45","slug":"apple-m1-malware","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/apple-m1-malware\/18174\/","title":{"rendered":"Apple M1 Malware FAQ"},"content":{"rendered":"<p>A few months ago, Apple unveiled three series of computers powered by its own M1 chip, designed to replace Intel\u2019s processors. The chips are notable for being based on the ARM architecture instead of the x86 architecture traditionally used in personal computers. In essence, the Apple M1 is a direct relative of the iPhone and iPad processors. If everything goes according to plan, Apple will be able to switch completely to its own processors and unify its software under a single architecture.<\/p>\n<p>Leaving aside the current pros and cons performance-wise, we took a look at the innovation from a security perspective. Bad news: Just a few months after the release of the first Apple M1 computers, virus writers had already adapted several malware families to the new processor.<\/p>\n<h2>What makes Apple M1 malware unique?<\/h2>\n<p>In terms of malicious functionality, absolutely nothing distinguishes M1 malware from \u201cregular\u201d malware. The difference is that it can run natively on Mac computers with M1 chips. Developers recompiled their code and adapted the malware to the new architecture to make it work more efficiently. Essentially, the M1 adaptation drive is just more evidence that virus writers are motivated to keep their creations up to date.<\/p>\n<h2>Does that mean old malware doesn\u2019t work on computers with the Apple M1?<\/h2>\n<p>Unfortunately, malware adapted for M1 is an addition, not merely a replacement. 
Apple uses the <a href=\"https:\/\/support.apple.com\/en-us\/HT211861\" target=\"_blank\" rel=\"nofollow noopener\">Rosetta 2<\/a> system to make the transition from one platform to another seamless. Roughly speaking, it translates old program code written for the Intel x86 series into a form that the M1 can digest.<\/p>\n<p>Rosetta doesn\u2019t distinguish legitimate programs from malicious ones; it runs x86 malware as readily as any other app. But it is always more convenient to work without an intermediary, which is why some virus writers adapted their handiwork for the Apple M1.<\/p>\n<h2>Are older computers immune to M1 malware?<\/h2>\n<p>The new malicious programs for the Apple M1 are not fundamentally new; they\u2019re modifications of old ones. Cybercriminals tend to release the updated versions in a hybrid format, compatible with both platforms.<\/p>\n<h2>How many varieties of M1 malware are out there?<\/h2>\n<p>Our researchers have reliably identified four families already adapted for the M1. The first, known as XCSSET, infects Xcode projects and allows attackers to do all kinds of nasty stuff on the victim\u2019s Mac. The second is Silver Sparrow, which recently made a <a href=\"https:\/\/threatpost.com\/silver-sparrow-malware-30k-macs\/164121\/\" target=\"_blank\" rel=\"nofollow noopener\">media splash<\/a> and is spreading far faster than the first. 
The third and fourth known M1-malware varieties are adware from the Pirrit and Bnodlero families.<\/p>\n<p>Hardcore techies can check out our <a href=\"https:\/\/securelist.com\/malware-for-the-new-apple-silicon-platform\/101137\/\" target=\"_blank\" rel=\"nofollow noopener\">technical breakdown<\/a> of all four families.<\/p>\n<h2>How can you guard against M1 malware?<\/h2>\n<p>Probably the most important advice for Mac users is not to become complacent just because Apple devices are supposedly safer than others, and to adhere to all the usual rules of digital hygiene:<\/p>\n<ul>\n<li>Do not follow suspicious links;<\/li>\n<li>Do not download suspicious files or apps;<\/li>\n<li>Do not install apps from untrusted sources;<\/li>\n<li>Use <a href=\"https:\/\/me-en.kaspersky.com\/premium?icid=me-en_bb2022-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">reliable security solutions<\/a> that detect and neutralize this new breed of malware pests.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>What&#8217;s the difference between the malware adapted for Apple\u2019s new M1 chip and the sort written for good old x86 
processors?<\/p>\n","protected":false},"author":2548,"featured_media":18175,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1486],"tags":[14,1328,521],"class_list":{"0":"post-18174","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-apple","9":"tag-macos","10":"tag-threats"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/apple-m1-malware\/18174\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/apple-m1-malware\/22691\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/apple-m1-malware\/24483\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/apple-m1-malware\/22525\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/apple-m1-malware\/21560\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/apple-m1-malware\/25018\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/apple-m1-malware\/24290\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/apple-m1-malware\/30365\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/apple-m1-malware\/9497\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/apple-m1-malware\/39180\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/apple-m1-malware\/16699\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/apple-m1-malware\/17276\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/apple-m1-malware\/14638\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/apple-m1-malware\/26476\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/apple-m1-malware\/30369\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/apple-m1-malware\/26865\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/apple-m1-malware\/23723\/"},{"hreflang":"en-au","url"
:"https:\/\/www.kaspersky.com.au\/blog\/apple-m1-malware\/29066\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/apple-m1-malware\/28863\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/macos\/","name":"macOS"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/18174","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2548"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=18174"}],"version-history":[{"count":0,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/18174\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/18175"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=18174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=18174"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=18174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}