Area 1 Security’s Response to Silver Sparrow

Security Bulletin: Silver Sparrow Malware Affecting Apple Mac Products


Area 1 Security is aware of the Silver Sparrow Malware that is currently affecting Apple Mac products utilizing both the Intel x86_64 architecture as well as the new M1 ARM64 chip set.

Researchers at Red Canary and Malwarebytes have stated that Silver Sparrow utilizes malicious JavaScript to initiate a persistent command and control connection and take over the affected machines. The malware is installed on machines via a .pkg file named “updater [dot] pkg”.

Area 1 Security Response

  • Area 1 does not allow .pkg or other executable files to be delivered via email. This protects our customers from being able to install the malicious files on their machines via email.
  • Area 1 has also added the known command and control URL’s to our global protection for all of our customers.
  • Area 1 will continue to monitor any new information that becomes available and update our protections accordingly.

Area 1 Security Recommendations

Area 1 Security recommends that our customers take full advantage of the information available regarding the Silver Sparrow malware and utilize a strong Endpoint Protection platform to monitor any Mac’s in the customer environment.

To download a printable version of this Area 1 Security Bulletin, click here.

Kevin Wilson is a Sr. Product Manager at Area 1 Security. Throughout his 14 year in Cyber Security, Kevin has been an Analyst and Engineer in various organizations such as the U.S Navy, First Data, and Lowe’s. Previously he served as the Global Information Security Officer at Guess? Inc as well as a Product Manager for McAfee.


[1] Malwarebytes Labs
[2] Red Canary

Want to keep up to date with the latest phishing trends? 

Subscribe to our newsletter here!


How to replace your email gateway with Cloudflare Area 1

Leaders and practitioners responsible for email security are faced with a few truths every day. It’s likely true that their email is cloud-delivered and comes with some built-in protection that does an OK job of stopping spam and commodity malware.

Introducing email link isolation – Email gateway replacement playbook

This week was a big one for us at Cloudflare, one of our four innovation weeks which we hold annually, showcasing new developments, product news and reference architectures.

Superhero strategies for the Phish Fight

Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.