Saturday, February 20, 2021

Ace Live Reveals Why He Left The United States And Now Lives His BEST LIFE

New malware found on 30,000 Macs has security pros stumped | Ars Technica

Dan Goodin
Ars Technica
    Jayson Photography / Getty Images

    A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, which are still trying to understand precisely what it does and what purpose its self-destruct capability serves.

    Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

    Also curious, the malware comes with a mechanism to completely remove itself, a capability that’s typically reserved for high-stealth operations. So far, though, there are no signs the self-destruct feature has been used, raising the question why the mechanism exists.

    Besides those questions, the malware is notable for a version that runs natively on the M1 chip that Apple introduced in November, making it only the second known piece of macOS malware to do so. The malicious binary is more mysterious still, because it uses the macOS Installer JavaScript API to execute commands. That makes it hard to analyze installation package contents or the way that package uses the JavaScript commands.

    The malware has been found in 153 countries with detections concentrated in the US, UK, Canada, France, and Germany. Its use of Amazon Web Services and the Akamai content delivery network ensures the command infrastructure works reliably and also makes blocking the servers harder. Researchers from Red Canary, the security firm that discovered the malware, are calling the malware Silver Sparrow.

    Reasonably serious threat

    “Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” Red Canary researchers wrote in a blog post published on Friday. “Given these causes for concern, in the spirit of transparency, we wanted to share everything we know with the broader infosec industry sooner rather than later.”

    Silver Sparrow comes in two versions—one with a binary in mach-object format compiled for Intel x86_64 processors and the other Mach-O binary for the M1. The image below offers a high-level overview of the two versions:

    So far, researchers haven’t seen either binary do much of anything, prompting the researchers to refer to them as “bystander binaries.” Curiously, when executed, the x86_64 binary displays the words “Hello World!” while the M1 binary reads “You did it!” The researchers suspect the files are placeholders to give the installer something to distribute content outside the JavaScript execution. Apple has revoked the developer certificate for both bystander binary files.

    Silver Sparrow is only the second piece of malware to contain code that runs natively on Apple’s new M1 chip. An adware sample reported earlier this week was the first. Native M1 code runs with greater speed and reliability on the new platform than x86_64 code does because the former doesn’t have to be translated before being executed. Many developers of legitimate macOS apps still haven’t completed the process of recompiling their code for the M1. Silver Sparrow’s M1 version suggests its developers are ahead of the curve.

    Once installed, Silver Sparrow searches for the URL the installer package was downloaded from, most likely so the malware operators will know which distribution channels are most successful. In that regard, Silver Sparrow resembles previously seen macOS adware. It remains unclear precisely how or where the malware is being distributed or how it gets installed. The URL check, though, suggests that malicious search results may be at least one distribution channel, in which case, the installers would likely pose as legitimate apps.

    Among the most impressive things about Silver Sparrow is the number of Macs it has infected. Red Canary researchers worked with their counterparts at Malwarebytes, with the latter group finding Silver Sparrow installed on 29,139 macOS endpoints as of Wednesday. That’s a significant achievement.

    “To me, the most notable [thing] is that it was found on almost 30K macOS endpoints... and these are only endpoints the MalwareBytes can see, so the number is likely way higher,” Patrick Wardle, a macOS security expert, wrote in an Internet message. “That’s pretty widespread... and yet again shows the macOS malware is becoming ever more pervasive and commonplace, despite Apple’s best efforts.”

    For those who want to check if their Mac has been infected, Red Canary provides indicators of compromise at the end of its report.

    Thursday, February 18, 2021

    NASA’s Perseverance rover has just landed on Mars

    After a harrowing plunge through the thin Martian atmosphere, the robotic explorer ‘Percy’ can begin its landmark hunt for signs of ancient life

    The Perseverance rover took its first image of the dusty Martian surface mere moments after touching down on February 18, 2021.


    It’s wheels down for the newest robot to inhabit Mars. Just before 4 p.m. eastern time, the hulking, multibillion-dollar NASA rover Perseverance landed safely on the red planet after a 300-million-mile journey and a nerve-racking plunge to the Martian surface.

    "Touchdown is confirmed," said Swati Mohan, an engineer on the Perseverance team.

    The one-ton, nuclear-powered Perseverance made a swift, acrobatic descent through the thin Martian atmosphere that, if all went well, has been captured on video for the first time. The rover autonomously timed its movements so that it would alight within a roughly four-mile-wide landing ellipse in Mars’s Jezero Crater, which once hosted a deep and potentially long-lived lake. 

    Perseverance then confirmed its safe arrival with a signal relayed to Earth via the Mars Reconnaissance Orbiter—and it sent its first photos from its perch on the surface, sparking socially distanced celebrations at NASA’s Jet Propulsion Laboratory in California. In JPL’s mission control, matching face masks muffled shouts of excitement, but the team’s relief and jubilation was still very evident.

    “These missions are hard—there are a lot of things that have to go right,” says JPL’s Jennifer Trosper, Perseverance’s deputy project manager. “There are no guarantees. That’s what makes it exciting.” 

    The rover’s mission is ambitious: to seek signs of ancient life on the red planet. It will be the first of NASA’s five rovers to sniff around for traces of long-dead Martians—inhabitants of a world that, for its first billion years or so, was warmer and wetter than the dusty planet we see today. 

    To help scientists search for clues that Mars might have been a living planet, Perseverance will stuff its pockets with rock samples that will eventually be returned to Earth for detailed scrutiny. The answer to whether life ever existed on Mars could be locked inside those interplanetary souvenirs. Or, if scientists get really lucky, the rover could find answers as it aims its suite of instruments at Jezero’s formerly watery terrain.

    “Our journey has been from following the water to seeing whether this planet was habitable, and finding complex chemicals,” NASA associate administrator Thomas Zurbuchen said during a call with reporters earlier this week. “And now we're at the advent of an entirely new phase.”

    Now that the rover is safely on Mars, mission teams are shifting to the first phases of surface operations. 

    300 million miles to another world

    Perseverance set sail for Mars on July 30, 2020. For seven months, it cruised through space tucked up inside its spacecraft like a bug inside its protective shell. The rover’s six wheels were pulled inward, its mast and robotic arm folded, and a small helicopter named Ingenuity was snuggled beneath its belly. Teams at JPL periodically woke the rover during the flight, testing its onboard systems and grabbing a brief audio clip via its onboard microphones.

    “I was, I think, the first person to receive the audio files when we turned on the microphone during cruise,” says JPL’s Adam Nelessen. “And to hear kind of a mechanical whirring sound, to experience [spaceflight] in that other sense, is really visceral and thrilling.”

    But on February 18, the most crucial portion of the rover’s journey began—a do-or-die sequence of events known as entry, descent, and landing, or EDL.

    “There’s no partial credit in EDL,” says team member Gregory Villar. “There are thousands of little things, and large things, that can go wrong.”

    During the end of its cruise phase, Perseverance was zooming toward Mars at a blazing 12,100 miles an hour—much too fast to land safely. Once it hit the Martian atmosphere, the drag on the spacecraft slowed its descent to less than 1,000 miles an hour, and then a parachute slowed it to about 200 miles an hour. 

    But that planet’s air is too thin for a parachute alone to safely deposit such a heavy machine, so it then initiated a sequence of carefully choreographed maneuvers to further slow its descent. After deploying its chute, ditching its heat shield, and finding a safe spot to land, Perseverance completed the last leg with the help of a somewhat improbable-sounding device called a sky crane.

    Essentially a rocket-powered jetpack that lowers the rover on tethers, a sky crane was used once before to safely set the Curiosity rover in Mars’s Gale Crater in 2012. Previous landings have solely relied on parachutes and on-board retrorockets, or a cocoon of 24 airbags. But those methods would not work with a robot as hefty as Perseverance. 

    “Some of the greatest ideas seem crazy at the start, right?” Nelessen says. “People think it’s wild when you break from the norm, but you kind of have to do that to take it to the next level.”

    After separating from the parachute, the sky crane’s retrorockets slowed the rover’s descent to roughly 17 miles an hour. About 70 feet above the ground, it then gingerly lowered Perseverance to the ground using three nylon cables. Once the tethers were severed, the sky crane flew off and faceplanted far enough away to avoid complicating the rover’s surface operations. 

    Only NASA animations could show how the process unfolded for Curiosity. But this time, the space agency set out to capture the action on video. If everything went to plan, six cameras should have caught the complex EDL acrobatics, three staring at the unfurling parachute and the rest watching the rover and the sky crane. Engineers also attached a microphone to the rover, and over the coming weeks, as the data are downloaded and processed, NASA will release the sights and sounds of a rover plunging to an alien surface.

    “I can’t say enough how thrilling I think it’ll be to have the video and the sound, to feel like you’re there, riding along,” says Nelessen, who’s on the JPL team responsible for the footage. 

    Getting the rover’s bearings

    Now in Jezero Crater, the rover’s work begins in earnest. During its primary mission, Perseverance will read the geologic history of Jezero and look for any clues about past alien inhabitants. It will also select and cache rock samples that a future rover will fetch and return to Earth sometime within the next decade. 

    After an intense competition among landing sites, scientists selected Jezero from four final contenders because of clear evidence that it was once filled with water, and because a massive river delta near the western crater rim is rich in sediments that could preserve biological material. 

    But Jezero, with its boulders, cliff edges, and potentially problematic sand traps, wasn’t the safest place to send a rover—and Perseverance wouldn’t have been able to make it there without some upgrades to previous landing technologies.

    “We basically told the scientists, you can go to any site you want,” Villar says. “And that was never really a thing in the past.”  

    For one, automated software helped the rover guide itself to a hazard-free landing zone during its descent. Yet even with that extra precision, the team could not be sure where Perseverance would first set wheels on Mars. Over the next day or so, using data from spacecraft in Mars orbit and from the rover itself, scientists will pinpoint the rover’s exact landing location and orientation—which is essential for planning its first surface journeys and for communicating with Earth.

    “Over the history of Mars exploration, scientists have compromised on where they want to land, and the questions they can answer based on the landing technology we have,” says Robin Fergason of the U.S. Geological Survey, whose team helped Perseverance navigate to Jezero. “For the first time we can have far more hazards in our landing ellipse than we’ve ever had before. We’re able to go to far more scientifically interesting and exciting locations.”

    Stretching its wheels

    During the rover’s early days in Jezero, teams will be focusing on checking out the onboard systems and making sure everything is working properly.

    “The very first day we don’t do much, because we land in the afternoon, and Earth is already set,” Trosper says, referring to the fact that our home world will have sunk below the Martian horizon from the rover’s perspective. That means any communication with the rover will rely on orbiting spacecraft, which will be flying overhead every several hours or so. Onboard software will start switching over to surface operations mode, and the team will unlock some of the rover’s appendages that were stowed during flight and descent. 

    Perseverance will snap some images from its perch on the surface, and those should be relayed back to Earth via one of the orbiters. And then the rover will go to sleep to recharge its batteries, waking only if an orbiter is near.  

    Over the next few Martian days, Perseverance will deploy its high-gain antenna and try to find Earth while making sure it can keep its batteries charged and onboard instruments warm. Once the team is satisfied that the rover is on stable ground, it will deploy its remote sensing mast, where multiple cameras are located, and take a series of 360-degree panoramas. The rover will continue slowly transitioning from its landing software to surface software, a process that Trosper says will take about a week. 

    “It’s a dance, a lot of steps, and it’s on Mars, and if it goes bad … it’s hard,” Trosper says. “This is my fifth rover, and I’ve been part of every rover anomaly we’ve ever had, and you just really don’t want to get into these situations.”

    Once the software checks are complete, about a week or two into the mission, the rover will move its robotic arm and go for a short spin. It’ll continue to test onboard instruments, and likely in a few months, the Ingenuity helicopter will make its first attempt at powered flight on another planet. 

    Then the mission will begin in earnest as the six-wheeled rover sets out to answer one of the most profound questions humankind can ask: Are we alone? For more than a century, we’ve thought that answer could lie on Mars, a planet that has perpetually seduced us with various promises of life, whether intelligent or single-celled. 

    The arid landscapes we see today are in all likelihood uninhabited, but billions of years ago, water pooled and flowed over the Martian surface. Life, if it could take hold, had a chance to thrive. And now, finally, after dreaming about finding life among the stars, and imagining what it might look like on Mars—we could find out if aliens once resided on the red planet.