Malware Creators Already Targeting Apple M1 CPUs
Your MacBook could get malware.
That didn't take long. Wired today reported that malware creators have started targeting Apple's first desktop processor, the M1, just a few months after its debut.
Wired cited a blog post from Mac security researcher Patrick Wardle, who discovered that Safari adware made for Intel CPUs had been updated for Apple silicon, and reported that Red Canary is also "investigating an example of native M1 malware."
Apple introduced the M1 in November 2020 as the first part of its two-year plan to switch Mac products from Intel processors to Arm-based chips. The chip is currently limited to the latest models of the MacBook Air, MacBook Pro, and Mac mini.
This malware arrived sooner than many probably expected. Hackers often focus their efforts on the most lucrative targets, and that's why they often target Windows PCs instead of their Mac counterparts, which have considerably lower market share.
M1-equipped Macs have an even smaller part of the market. TrendForce estimated in January that M1 computers had just 0.8% market share in 2020, and even if they rise in popularity, they're still expected to peak at 7% of the market by summer.
That doesn't mean anyone thought Apple silicon would enjoy security through obscurity forever. The company's plan to phase out Intel CPUs meant the M1 and its descendants were all but guaranteed to attract the attention of malware creators.
The problem is that security researchers aren't ready for this transition. Red Canary intelligence analyst Tony Lambert told Wired that "security tools aren’t ready to deal with" malware tools transitioning from Intel processors to Apple silicon so quickly.
So what should people with M1-equipped Macs do? Right now the best option is to apply security best practices--remaining wary of unidentified downloads, sketchy websites, etc.--instead of assuming that nobody would bother to target them.
Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.