Just saw this earlier:

https://www.macworld.com/article/36...-sparrow-virus-and-no-one-knows-why.html

I downloaded and ran the latest version of Malwarebytes, and nothing was found. Last week I ran ClamXAV, and again, nothing was found.

As a MalwareBytes Premium user (which automatically updates and scans every hour or so) your post raised my curiosity and searched MalwareBytes threats and ClamXV for silver sparrow and neither currently identifies silver sparrow in its Mac threat list. Therefore it is not unreasonable to conclude they likely have no signature for silver sparrow yet, and without the silver sparrow signature neither product can detect it. So although both products gave your system a one shot clean bill of health it is likely meaningless as far as a potential silver sparrow infection. Even if they did have the silver sparrow signature a one shot scan does not mean you system is still clean even minutes after such a scan.

Just saying.

NOTE: Threat lists can be deceptive because not everyone uses the same name for a given threat although silver sparrow is getting enough press that is less likely.

Thanks for the information. And yes, just because neither of those programs found anything at the time such scans were done, who's to say if it is not present after those scans?

Apple has taken steps to eradicate mysterious malware strain

With regard to the MalwareBytes threats, that appears to be a Windows only listing. I should also point out that Silver Sparrow is not technically a threat and there is no evidence it ever was.

The macOS Silver Sparrow write up is here https://blog.malwarebytes.com/detections/osx-silversparrow/.

And I can attest that MalwareBytes for Mac has been detecting the critical elements of this infection since at least last Friday.

The proprietary ClamXAV database (as differentiated from the ClamAV database) is not generally searchable, so not sure where you looked, but components of Silver Sparrow are currently detected by ClamXAV as either Trojan.OSX.Generic or Trojan.OSX.SilverSparrow.

Thanks for that information. As I mentioned above, neither the latest version of Malwarebytes (released the other day) nor ClamXAV found anything on my late 2018 Mac Mini.

Also, what is the difference between the "ClamXAV database" and the "ClamAV database"? I assume the program ClamXAV uses the ClamXAV database.

I emailed ClamXAV and they give their reason for not detecting silver sparrow below.



I have a feeling that the poster of the comment has got us partially confused with ClamAV, as we do not make our threat list or malware database public. Additionally, we have had silver sparrow on our database since before it was reported by the press. If they haven't had their copy of ClamXAV detect silver sparrow, it's because they aren't infected by it. Here is a screenshot of Silver Sparrow detected by ClamXAV.

jaybass

Wonder what the difference is between CalmXAV (which I have) and ClamAV?

ClamAV is an open source antivirus tool developed for Unix, ClamXAV is adapted for MacOS X. I don't know if this is still true but IIRC they originally used the same signature file.

OS 10.12.6

ClamXAV just notified me of a silver sparrow virus and immediately put in the trash from which I deleted it. After informing me of this virus, I got an immediate update.

jaybass

Hmm, interesting. ClamXAV actually just came out with a newer version, and I have already downloaded and installed it. I'll run it now and see what it tells me.

Update: OK, ran the new version on my late 2018 Mac Mini running the latest version of Catalina, OS 10.15.7, and nothing found.