Name

Silver Sparrow

CategoryBackdoor and M1-compatible
Symptoms

Slow performance and system freezing

Infection methodActs like a generic app installer

System damage

Installs more malicious software and sends data back to a host server

Removal

CleanMyMac X Malware Removal tool

It took less than a year for the new M1-based Mac computers to be the target of a significant, global malware attack.

Did you know: Within the first weeks of 2020, Silver Sparrow infected 30.000 Macs in 153 countries.

Being given the name Silver Sparrow, this new malware has both an Intel and M1 version for optimal reach. Thus far, it’s still unknown if it can infect other Apple silicon chips but M1. But the worst part about it is that it’s generic enough, so it’s likely to be installed on thousands of Macs and go completely unrecognized or untraced.

What is Silver Sparrow?

Silver Sparrow is malicious software that opens a backdoor to other malware. Basically, once it’s installed on your computer, it sends a sort of a signal and lets more apps install themselves without you even knowing it.

But it doesn’t stop there. Silver Sparrow stays in contact with a host server and sends copies of your data back as frequently as every hour. Typically, malware does this intending to exploit you for your sensitive or important info.

How did Silver Sparrow get on my Mac?

This is a great question. And hopefully, the answer will excuse you a little bit. Silver Sparrow is installed on Mac by mimicking a generic installer. It will commonly go by two names: update and updater. So, if you’re not paying super close attention, it will seem like your computer is prompting you to install some updates, and that’s it. But lo and behold, it’s actually a much more sophisticated attempt at getting access to your computer.

Removing Silver Sparrow from your Mac

If you think you have Silver Sparrow on your Mac, or maybe you already know you do, you’re not out of luck. Fortunately, there are some steps you can take to get rid of it and clean up your computer.

How to delete Silver Sparrow automatically with CleanMyMac X

One of the easier ways to remove Silver Sparrow — or really any kind of malware — is by using the app CleanMyMac X. You can download it and try it out for free.

When you have it installed on your Mac, just follow these steps to get started:

  1. Open CleanMyMac X (download its free edition here).
  2. In the sidebar, click Malware Removal.
  3. Then, click Scan.
Malware scan in process

That’s all there is to it with CleanMyMac X. Now, that app will be removed entirely from your Mac, and you won’t have to worry about them anymore.

How to remove Silver Sparrow manually

Manually deleting Silver Sparrow requires just a little bit more work. It’s important to make sure that you’re completing the steps so that something doesn’t slip through.

Follow these steps to get rid of Silver Sparrow from your Mac:

  1. Open Activity Monitor. You can use Spotlight or Siri to help you find it. Otherwise, in the Finder, go to Applications > Utilities.
  2. Look for a process that looks suspicious. Typically, it will be one that appears to be generic but is using up a ton of processing resources.
  3. When you find that process, click the Stop icon in the top left.
  4. Confirm to Force Quit the apps.
  5. Then, in Finder, click Go > Go to Folder.
  6. Type Library/LaunchAgents in the dialogue box and press Return.
  7. Finally, check for any suspicious files in that location and then just delete them.

You’ll need to repeat steps 5-7 but change which folder you’re navigating to in Step 6. Here’s a list of folders that you need to go to and look for malicious software:

  • ~/Library/Application Support
  • ~/Library/LaunchAgents
  • /Library/LaunchDaemons

Now that you have all those versions of the folder names, it’s time to get rid of those files. All you need to do is go to the Applications folder and, again, just delete anything that doesn’t look like it should be installed on your Mac.

Once the apps are removed from your computer, the next thing you’ll need to do is remove the browser extension. There are a couple of ways you can go about it, depending on which browser you’re using.

Safari

To remove the malicious extensions in Safari, you’ll need to open Safari and then:

  1. Click Safari > Settings > Extensions.
  2. Find the suspicious extension in the sidebar.
  3. Click Uninstall.
  4. Quit Safari and then open it again.

Google Chrome

Once you have Chrome open, you can get rid of the harmful plugins by following these steps:

  1. In the top-right corner, click the menu button, which looks like three dots.
  2. Click Settings > Extensions.
  3. You should see all of the installed extensions listed. Click Remove.
  4. Quit Chrome and reopen it.

Firefox

If you’re using Firefox at all, then you’ll need to uninstall both the extensions and plugins. Start by opening Firefox and then follow the instructions below:

  1. Click the menu button, which looks like three lines in the top-right corner.
  2. Then, click Add-ons and themes.
  3. In the sidebar, make sure you select Extensions.
  4. Find any suspicious extensions and then click … > Remove.
  5. Next, click Plugins in the sidebar.
  6. Again, find anything questionable and click … > Remove.
  7. Quit Firefox and open it again to make sure the add-ons are gone.

After you get rid of Silver Sparrow

Whether you decide to scan your Mac with CleanMyMac X or manually install anything, it’s always a good idea to use the uninstall feature in CleanMyMac X to look for any. Other malicious apps that you might overlook otherwise.

When it comes to seedy software like this, you don’t know what you don’t know. So, it’s best to let an app that’s designed to find problematic files do most of the heavy lifting for you, and it couldn’t be easier with CleanMyMac X. Here’s what you’ll need to do:

  1. Open CleanMyMac X (download its free edition here).
  2. Under tools in the sidebar, click Uninstaller.
  3. Click All Applications.
  4. Select the apps you want to delete and click Uninstall to remove them.

It’s likely you’ll find apps you’ve completely forgotten about!

After you’re finished uninstalling anything that might look fishy to you, go ahead and restart your Mac. That way, everything else on your computer has a chance to start up fresh again.

Silver Sparrow is a very sneaky piece of software. What is clear is how dangerous and exploitative it can be. The fact that it was able to figure out a way to breach even the M1-based computers is what makes it so problematic. But it’s not all doom and gloom. Now you know what Silver Sparrow is and can be on the lookout for it. Perhaps the most important thing is that you know how to avoid it, or in the absolute worst case, you know what to do if it does end up installed on your Mac.