The first malware detection on Mac M1

More importantly, besides the Mac models running Intel chips, people also discovered a new type of malware (malware) designed specifically for Apple's M1 chip, with many tweaks to be able to function. on Macs using the M1 microprocessor.

According to a new report published by security researcher Patrick Wardle, malware creators can easily customize and recompile available malware to run natively on the M1 chip.

The first malware that affected the M1 chip was an extension for the Safari browser called "GoSearch22", originally created to work on Intel x86 chips. It is believed to be a variant of the adware "Pirrit" that appeared on the Mac before.

If you didn't know, Pirrit is one of the oldest family of adware software on Mac and has been constantly being tuned to avoid detection. So it is only a matter of time before malware appears on a Mac.

GoSearch22 disguises itself as a legitimate extension for the Safari browser. It monitors and collects user data, then displays a large number of advertisements on the screen such as banners or pop-ups.

Some pop-ups link to other malicious websites that contain more adware. According to Wardle, GoSearch22 was registered with an Apple developer ID in November 2020, but was later revoked.

He added that the malware on the Mac M1 is still new and that anti-virus programs are harder to detect than the x86 version. In other words, this is just the beginning, and given the current situation, there may be more similar malware that affects Mac models running Apple's M1 chip.

Marvin Fry

Update 19 February 2021