Re: Silver Sparrow Virus
|
Joined: Aug 2009
Likes: 16
Moderator
|
Moderator
Joined: Aug 2009
Likes: 16 |
As a MalwareBytes Premium user (which automatically updates and scans every hour or so) your post raised my curiosity and searched MalwareBytes threats and ClamXV for silver sparrow and neither currently identifies silver sparrow in its Mac threat list. Therefore it is not unreasonable to conclude they likely have no signature for silver sparrow yet, and without the silver sparrow signature neither product can detect it. So although both products gave your system a one shot clean bill of health it is likely meaningless as far as a potential silver sparrow infection. Even if they did have the silver sparrow signature a one shot scan does not mean you system is still clean even minutes after such a scan. Just saying. NOTE: Threat lists can be deceptive because not everyone uses the same name for a given threat although silver sparrow is getting enough press that is less likely.
If we knew what it was we were doing, it wouldn't be called research, would it?
— Albert Einstein
|
|
Re: Silver Sparrow Virus
|
|
OP
Joined: Oct 2020
|
As a MalwareBytes Premium user (which automatically updates and scans every hour or so) your post raised my curiosity and searched MalwareBytes threats and ClamXV for silver sparrow and neither currently identifies silver sparrow in its Mac threat list. Therefore it is not unreasonable to conclude they likely have no signature for silver sparrow yet, and without the silver sparrow signature neither product can detect it. So although both products gave your system a one shot clean bill of health it is likely meaningless as far as a potential silver sparrow infection. Even if they did have the silver sparrow signature a one shot scan does not mean you system is still clean even minutes after such a scan. Just saying. NOTE: Threat lists can be deceptive because not everyone uses the same name for a given threat although silver sparrow is getting enough press that is less likely. Thanks for the information. And yes, just because neither of those programs found anything at the time such scans were done, who's to say if it is not present after those scans?
|
|
Re: Silver Sparrow Virus
|
Joined: Aug 2009
Likes: 7
|
Joined: Aug 2009
Likes: 7 |
Jon
macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
|
|
Re: Silver Sparrow Virus
|
|
Joined: Sep 2009
|
With regard to the MalwareBytes threats, that appears to be a Windows only listing. I should also point out that Silver Sparrow is not technically a threat and there is no evidence it ever was. The macOS Silver Sparrow write up is here https://blog.malwarebytes.com/detections/osx-silversparrow/.And I can attest that MalwareBytes for Mac has been detecting the critical elements of this infection since at least last Friday. The proprietary ClamXAV database (as differentiated from the ClamAV database) is not generally searchable, so not sure where you looked, but components of Silver Sparrow are currently detected by ClamXAV as either Trojan.OSX.Generic or Trojan.OSX.SilverSparrow.
-Al- -- Al Varnell Mountain View, CA
|
|
Re: Silver Sparrow Virus
|
|
OP
Joined: Oct 2020
|
With regard to the MalwareBytes threats, that appears to be a Windows only listing. I should also point out that Silver Sparrow is not technically a threat and there is no evidence it ever was. The macOS Silver Sparrow write up is here https://blog.malwarebytes.com/detections/osx-silversparrow/.And I can attest that MalwareBytes for Mac has been detecting the critical elements of this infection since at least last Friday. The proprietary ClamXAV database (as differentiated from the ClamAV database) is not generally searchable, so not sure where you looked, but components of Silver Sparrow are currently detected by ClamXAV as either Trojan.OSX.Generic or Trojan.OSX.SilverSparrow. Thanks for that information. As I mentioned above, neither the latest version of Malwarebytes (released the other day) nor ClamXAV found anything on my late 2018 Mac Mini. Also, what is the difference between the "ClamXAV database" and the "ClamAV database"? I assume the program ClamXAV uses the ClamXAV database.
Last edited by MartyByrde; 02/25/21 11:52 PM.
|
|
Re: Silver Sparrow Virus
|
Joined: Aug 2009
Likes: 2
|
Joined: Aug 2009
Likes: 2 |
I emailed ClamXAV and they give their reason for not detecting silver sparrow below.
I have a feeling that the poster of the comment has got us partially confused with ClamAV, as we do not make our threat list or malware database public. Additionally, we have had silver sparrow on our database since before it was reported by the press. If they haven't had their copy of ClamXAV detect silver sparrow, it's because they aren't infected by it. Here is a screenshot of Silver Sparrow detected by ClamXAV.
jaybass
Last edited by jaybass; 02/26/21 05:16 PM. Reason: screenshot missing
OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
|
|
Re: Silver Sparrow Virus
|
|
OP
Joined: Oct 2020
|
Wonder what the difference is between CalmXAV (which I have) and ClamAV?
|
|
Re: Silver Sparrow Virus
|
Joined: Aug 2009
Likes: 16
Moderator
|
Moderator
Joined: Aug 2009
Likes: 16 |
ClamAV is an open source antivirus tool developed for Unix, ClamXAV is adapted for MacOS X. I don't know if this is still true but IIRC they originally used the same signature file.
If we knew what it was we were doing, it wouldn't be called research, would it?
— Albert Einstein
|
|
Re: Silver Sparrow Virus
|
Joined: Aug 2009
Likes: 2
|
Joined: Aug 2009
Likes: 2 |
OS 10.12.6
ClamXAV just notified me of a silver sparrow virus and immediately put in the trash from which I deleted it. After informing me of this virus, I got an immediate update.
jaybass
OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
|
|
Re: Silver Sparrow Virus
|
|
OP
Joined: Oct 2020
|
OS 10.12.6
ClamXAV just notified me of a silver sparrow virus and immediately put in the trash from which I deleted it. After informing me of this virus, I got an immediate update.
jaybass Hmm, interesting. ClamXAV actually just came out with a newer version, and I have already downloaded and installed it. I'll run it now and see what it tells me. Update: OK, ran the new version on my late 2018 Mac Mini running the latest version of Catalina, OS 10.15.7, and nothing found.
Last edited by MartyByrde; 03/04/21 08:44 PM.
|
|
|
|