For those unfamiliar, the M1 chipset is the new chipset that Apple is using for their Mac computers as they move away from Intel’s processors. It is based on the ARM architecture, similar to the A-series chipset that Apple uses for their iPhones and iPads. According to Wardle, one of the malware discovered comes in the form of an adware extension for Safari that was initially written to run on Intel x86 chips, but it has since been adapted for the M1.
Given that this is relatively new, at least as far as M1 malware is concerned, Wardle notes that antivirus software might not be able to detect it. Thankfully, the malware discovered doesn’t seem to be particularly dangerous and it seems to be more annoying and disruptive rather that destructive, but still, malware is malware.
We expect that Apple will eventually over time improve on the security of its M1 chipsets, and that antivirus scanners will also start to pick up on these M1 malware variants. Speaking to WIRED, Malwarebytes researcher Thomas Reed adds, “It definitely was inevitable—compiling for M1 can be as easy as flicking a switch in the project settings. And honestly, I’m not at all surprised by the fact that it happened in Pirrit first. That’s one of the most active Mac adware families, and one of the oldest, and they’re constantly changing to evade detection.”