Security News > 2021 > February > First Malware Designed for Apple M1 Chip Discovered in the Wild
One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, suggesting a new development that indicates that bad actors have begun adapting malicious software to target the company's latest generation of Macs powered by its own processors.
While the transition to Apple silicon has necessitated developers to build new versions of their apps to ensure better performance and compatibility, malware authors are now undertaking similar steps to build malware that are capable of executing natively on Apple's new M1 systems, according to macOS Security researcher Patrick Wardle.
The rogue extension, which is a variant of the Pirrit advertising malware, was first seen in the wild on November 23, 2020, according to a sample uploaded to VirusTotal on December 27.
For its part, the heavily obfuscated GoSearch22 adware disguises itself as a legitimate Safari browser extension when in fact, it collects browsing data and serves a large number of ads such as banners and popups, including some that link to dubious websites to distribute additional malware.
Although the development highlights how malware continues to evolve in direct response to both hardware changes, Wardle warned that "(static) analysis tools or antivirus engines may struggle with arm64 binaries," with detections from industry-leading security software dropping by 15% when compared to the Intel x86 64 version.
GoSearch22's malware capabilities may not be entirely new or dangerous, but that's beside the point.