Mac computers with Apple's new M1 processors have been on sale for only a few months, but they have already been targeted by cybercriminals. According to security researcher Patrick Wardle, he discovered a malicious application designed specifically for M1.
Wardle explained that an adware extension for the Safari browser called GoSearch22 was originally developed for Intel x86 processors. The extension is a variant of the Pirrit adware for Mac. In its current form, the GoSearch22 is quite low-risk - it collects user data and clutters the screen with ads, but in the future developers may add more serious functions to it.
While emulation can still run applications designed for Intel x86 processors on newer Macs, many developers create software versions specifically for the M1. GoSearch22 is clear proof that malware / adware developers take great care to ensure that their creations are natively compatible with the latest Apple hardware.
Wardle discovered a malicious extension on the VirusTotal platform uploaded there last December. The researcher found that although the platform's anti-virus scanners flagged the x86 version of the adware as malicious, 15% of them did not consider GoSearch22 under M1 malicious. That is, at present, not all anti-virus solutions are fully prepared to eradicate malware designed specifically for systems based on M1 processors.
As researcher Thomas Reed explained to Wired, compiling software for M1 is as easy as flipping a switch in project settings, so hackers may not have to work hard to adapt their malware to Apple's latest processor.