For a long time Apple computers were virtually virus-free. This used to be taken – and exploited from the narrative – as a supposed invulnerability of the brand against cyber attacks. Strictly speaking, there is nothing immune in the digital world, and what was actually happening was that Apple’s small market share of desktop and laptop computers (between 4 and 6%) was uninteresting for consumers. pirates
But after the success of the iPod and, above all, the iPhone, that meager participation grew, and although today Microsoft is still ahead of the game with Windows, Macs are beginning to attract attention. You know, criminals always go to very crowded places, and today the Mac operating system has a 17 to 20% market share.
Not just because the bad guys are doing their homework and computer security researchers just discovered the first native malware for Apple’s new M1 chips; it is known as GoSearch22. What does all this mean?
Apple used Intel’s electronic brains in its desktops and notebooks for many years. However, the company has started to design its own chips for desktop computers (it had been doing so for mobiles since 2010), and Tim Cook announced in 2020 a two-year plan to transition from Intel’s architecture to its own, based on ARM; ARM is, to all this, the most used in mobiles. (On the move, memoirs will recall that Apple’s first computers were powered by Motorola chips, then moved to Intel, and are now in the process of converting everything to their own microprocessors.) Thus, the new MacBook Air, mini, and Pro that just hit the market come with the M1 chip inside. M1 is the fancy name for Apple’s new desktop chips.
During this transition, a kind of translator or interpreter will be used (called, predictably, Rosetta; strictly speaking, Rosetta 2) so that applications designed for Intel chips will work on computers with the M1. The transition will end when all Mac applications are natively programmed for M1s. I mean, they won’t need Rosetta. “Rosetta is a very good translator,” he tells THE NATION Patrick Wardle, who discovered the malware and authored a suite of security tools for the Mac – but it’s never going to be as fast as native code and can crash if necessary. ” According to Wardle, this is one of the reasons hackers are busy transcribing malicious programs to work natively on Apple’s new chips.
The malware that has just been discovered belongs to an ancient family, called Pirrit, which originated in Windows and was later transcribed to MacOS (in 2016). It is not, technically speaking, a virus, but rather a Trojan, which disguises itself in various benevolent ways and ends up changing the browser’s web browser and filling everything with unwanted notices.
But what GoSearch22 does is the least. The news matters because Apple is a new and very large wallet player in the chip business, and it has just set foot in the desktop microprocessor market. Intel still leads the industry, but mobility was overlooked and that was a huge blow to the company. The discovery of native malware for Apple’s chips means that hackers see a possible vein in the medium term on computers with the apple logo. Furthermore, according to Francisco Amato, founder of the Faraday computer security company, the market share percentage of Apple equipment is not as large as Windows, “but it represents in many cases machines that are in the hands of senior company executives, and the impact they can have by targeting those targets is very high or tall”.
According to Wardle, there are several reasons why the news is important. “The first, and not surprisingly, is that malicious code continues to evolve in response to changes in both the software and hardware that Apple produces. The second is perhaps more worrying: conventional antiviruses could bypass the version of a virus written specifically for the M1 ”. Wardle tested this with the site VirusTotal and discovered that the new version of the malware was detected 15% less than the one known until now. “Several industry-leading antivirus software, which flawlessly detected the version for Intel chips, failed to scan the new one,” he concludes.