Min menu


Hackers target M1 Macs with malware


Apple's Mac M1 arrived just a few months ago, but it didn't take long for hackers to start targeting systems, according to macOS security researcher Patrick Wardle.

One of the first malware samples designed to work locally via Mac M1s was discovered, suggesting that hackers have begun adapting malware to target the company's latest generation of Mac processors.

While the move to M1 has required developers to create new versions of applications to ensure performance and compatibility, malware authors are taking similar steps to build malware capable of implementing locally across M1 systems.

Wardell detailed an add-on to ads via a Safari browser called GoSearch22, originally written to work across Intel x86 chipsets, but modified to work across ARM-based M1 segments.

The addition was first seen on November 23, 2020, according to a sample uploaded on December 27 thof via the Alphabet-owned antivirus testing platform.

"The add-on collects user data and floods the screen with illegal ads, but it can be updated with more harmful functions," Wardle said.

While M1 Mac devices can run applications designed for Intel x86 chips via simulation, many developers are creating original M1 versions of the software.

Wardle wrote: The presence of GoSearch22 confirms that malware or ad software authors are working to ensure that their malware is already compatible with apple's latest devices.

Although the development highlights how malware continues to evolve as a direct response to hardware changes, Wardle warned that analysis tools or antivirus engines may face difficulties with arm64 dualities, with discoveries from security software dropping by 15 percent when compared to Intel versions x86_64.

GoSearch22 may not be new or dangerous, but the emergence of new M1-compatible malware suggests that this is just the beginning, and more variables are likely to emerge in the future.