• Ar chevron_right

    Apple M1-native malware has already begun to appear / ArsTechnica · Wednesday, 17 February, 2021 - 18:31 · 1 minute

A stylish emblem which reads

Enlarge / GoSearch22 isn't, technically speaking, any sort of "virus." But it's certainly not anything you'd want on your shiny new M1 Mac. (credit: Pete Linforth )

Last year, Apple released Macbooks and Mac Minis powered by a new ARM CPU—the Apple M1. A few months later, malware authors are already targeting the new hardware directly. Wired interviewed Mac security research Patrick Wardle, who discovered an M1-native version of the long-running, Mac-targeted Pirrit adware family.

Apple M1, malware, and you

ARM CPUs have a very different Instruction Set Architecture (ISA) than traditional x86 desktop and laptop CPUs do, which means that software designed for one ISA can't run on the other without help. M1 Macs can run x86 software with a translation layer called Rosetta, but native M1 apps of course run much faster—as we can see by comparing Rosetta-translated Google Chrome to the M1 native version.

When it comes to malware, Apple users have long benefited from the minority status of their platform. Ten years ago, macOS's operating system market share was only 6.5 percent, and few malware authors bothered to target it at all—but today, that market share is approaching 20 percent. That increase in popularity has brought malware vendors along with it; the macOS malware ecosystem is still tiny and relatively crude compared to the one plaguing Windows, but it's very real.

Read 10 remaining paragraphs | Comments