First Malware Running Natively on M1 Chip Discovered

by

Malware specifically tailored to run on Apple's M1 chip has been discovered, indicating that malware authors have begun adapting malicious software for Apple's new generation of Macs with Apple silicon.

macbook air m1 unboxing feature
Mac security researcher Patrick Wardle has now published a report, cited by Wired, that explains in detail how malware has started to be adapted and recompiled to run natively on the ‌M1‌ chip.

Wardle discovered the first known native ‌M1‌ malware in the form of a Safari adware extension, originally written to run on Intel x86 chips. The malicious extension, called "GoSearch22," is a well-known member of the "Pirrit" Mac adware family and was first spotted at the end of December. Pirrit is one of the oldest and most active Mac adware families, and has been known to constantly change in an attempt to evade detection, so it is unsurprising that it has already begun adapting for the ‌M1‌.

The GoSearch22 adware presents itself as a legitimate Safari browser extension, but collects user data and serves a large number of ads such as banners and popups, including some that link to malicious websites to proliferate more malware. Wardle says the adware was signed with an Apple Developer ID in November to further conceal its malicious content, but it has since been revoked.

Wardle notes that since malware for the ‌M1‌ is still at an early stage, antivirus scanners are not detecting it as easily as x86 versions and defensive tools like antivirus engines are struggling to process the amended files. The signatures used to detect threats from malware on the ‌M1‌ chip have not yet been substantially observed, so the security tools to detect and deal with it are not yet available.

Researchers from security company Red Canary told Wired that other types of native ‌M1‌ malware, distinct from Wardle's findings, have also been found and are being investigated.

Only the MacBook Pro, MacBook Air, and Mac mini have Apple silicon chips at this time, but the technology is expected to expand across the Mac lineup over the next two years. Given that all new Mac computers are expected to feature Apple silicon chips like the ‌M1‌ in the near future, it was somewhat inevitable that malware developers would eventually start to target Apple's new machines.

While the M1-native malware that researchers have found does not seem to be unusual or particularly dangerous, the emergence of these new varieties acts as a warning that there is likely more to come.

See Wardle's full report for more information about the first M1-native malware.

Tags: Apple Silicon Guide, M1 Guide

Popular Stories

iOS 26 Feature

iOS 26.1 to iOS 26.4 Will Add These New Features to Your iPhone

Saturday October 18, 2025 11:00 am PDT by
iOS 26 was released last month, but the software train never stops, and iOS 26.1 beta testing is already underway. So far, iOS 26.1 makes both Apple Intelligence and Live Translation on compatible AirPods available in additional languages, and it includes some other minor changes across the Apple Music, Calendar, Photos, Clock, and Safari apps. More features and changes will follow in future ...
Read Full Article109 comments
ios 26 1 liquid glass opaque

iOS 26.1 Beta 4 Lets Users Control Liquid Glass Transparency with New Toggle

Monday October 20, 2025 10:57 am PDT by
With the fourth betas of iOS 26.1, iPadOS 26.1, and macOS 26.1, Apple has introduced a new setting that's designed to allow users to customize the look of Liquid Glass. The toggle lets users select from a clear look for Liquid Glass, or a tinted look. Clear is the current Liquid Glass design, which is more transparent and shows the background underneath buttons, bars, and menus, while tinted ...
Read Full Article191 comments
iphone air thickness

Apple Said to Cut iPhone Air Production Amid Underwhelming Sales

Friday October 17, 2025 8:29 am PDT by
Apple plans to cut production of the iPhone Air amid underwhelming sales performance, Japan's Mizuho Securities believes (via The Elec). The Japanese investment banking and securities firm claims that the iPhone 17 Pro and iPhone 17 Pro Max are seeing higher sales than their predecessors during the same period last year, while the standard iPhone 17 is a major success, performing...
Read Full Article536 comments
iOS 26

iOS 26.0.2 Update for iPhones Coming Soon

Friday October 17, 2025 7:35 am PDT by
Apple's software engineers continue to internally test iOS 26.0.2, according to MacRumors logs, which have been a reliable indicator of upcoming iOS versions. iOS 26.0.2 will be a minor update that addresses bugs and/or security vulnerabilities, but we do not know any specific details yet. The update will likely be released by the end of next week. Last month, Apple released iOS 26.0.1,...
Read Full Article46 comments
Apple iPad Pro hero M5

New iPad Pro Has Six Key Upgrades Beyond M5 Chip

Saturday October 18, 2025 10:57 am PDT by
While the new iPad Pro's headline feature is the M5 chip, the device has some other changes, including N1 and C1X chips, faster storage speeds, and more. With the M5 chip, the new iPad Pro has up to a 20% faster CPU and up to a 40% faster GPU compared to the previous model with the M4 chip, according to Geekbench 6 results. Keep in mind that 256GB and 512GB configurations have a 9-core CPU,...
Read Full Article95 comments
iPhone Siri Glow

Some Apple Employees Have 'Concerns' About iOS 26.4's Revamped Siri

Sunday October 19, 2025 7:39 am PDT by
iOS 26.4 is expected to introduce a revamped version of Siri powered by Apple Intelligence, but not everyone is satisfied with how well it works. In his Power On newsletter today, Bloomberg's Mark Gurman said some of Apple's software engineers have "concerns" about the overhauled Siri's performance. However, he did not provide any specific details about the shortcomings. iOS 26.4 will...
Read Full Article345 comments
HomePod mini and Apple TV

Apple's Next Rumored Products: New HomePod Mini, Apple TV, and More

Thursday October 16, 2025 9:13 am PDT by
Apple on Wednesday updated the 14-inch MacBook Pro, iPad Pro, and Vision Pro with its next-generation M5 chip, but previous rumors have indicated that the company still plans to announce at least a few additional products before the end of the year. The following Apple products have at one point been rumored to be updated in 2025, although it is unclear if the timeframe for any of them has...
Read Full Article92 comments
m4 macbook air blue

M5 MacBook Air Coming Spring 2026 With M5 Mac Studio and Mac Mini in Development

Thursday October 16, 2025 3:57 pm PDT by
Apple plans to launch MacBook Air models equipped with the new M5 chip in spring 2026, according to Bloomberg's Mark Gurman. Apple is also working on M5 Pro and M5 Max MacBook Pro models that will come early in the year. Neither the MacBook Pro models nor the MacBook Air models are expected to get design changes, with Apple focusing on simple chip upgrades. In the case of the MacBook Pro, a m...
Read Full Article116 comments
14 inch MacBook Pro Keyboard

New 14-Inch MacBook Pro Has Two Key Upgrades Beyond the M5 Chip

Thursday October 16, 2025 8:31 am PDT by
Apple on Wednesday updated the 14-inch MacBook Pro base model with an M5 chip, and there are two key storage-related upgrades beyond that chip bump. First, Apple says the new 14-inch MacBook Pro offers up to 2× faster SSD performance than the equivalent previous-generation model, so read and write speeds should get a significant boost. Apple says it is using "the latest storage technology," ...
Read Full Article64 comments

Top Rated Comments

casperes1996 Avatar
casperes1996
61 months ago
Good to see more software natively supported
Score: 73 Votes (Like | Disagree)
ck2875 Avatar
ck2875
61 months ago

malware authors have begun adapting malicious software for Apple's new generation of Macs with Apple silicon.
They probably needed to get their malware out the door so they could get the $500 voucher for returning the Dev. Kit. to Apple.
Score: 32 Votes (Like | Disagree)
jasoncarle Avatar
jasoncarle
61 months ago
Wouldn't just not adding rando browser extensions to Safari protect you from this?
Score: 25 Votes (Like | Disagree)
Dark_Omen Avatar
Dark_Omen
61 months ago
I wish I was a loser that had no life to the point where I create malware to infect other people's machines.

Oh wait, no I don't.
Score: 12 Votes (Like | Disagree)
baryon Avatar
baryon
61 months ago
But Safari extensions were long deprecated ever since Catalina, and now you can only install them from the App Store, for this very reason, to prevent malware. How is this even still possible?
Score: 11 Votes (Like | Disagree)
farewelwilliams Avatar
farewelwilliams
61 months ago
Dunno, I thought Chrome was the first malware for eating all the CPU cycles and memory.
Score: 7 Votes (Like | Disagree)
Read All Comments