Potential ransomware threat on macOS in 2023

Stealth

A potential ransomware threat to macOS, attributed to the LockBit group, was recently discovered by the cybersecurity research group MalwareHunterTeam.

Apparently, this would be the first form of ransomware developed for macOS.

The LockBit group, notorious for developing ransomware for Windows operating systems, is apparently developing malware that can encrypt files on devices running Apple's macOS operating system. Researchers have analyzed the malware to determine how big a threat this ransomware actually represents.

MalwareHunterTeam reported on Sunday (16/04/2023) that they discovered what appears to be the first macOS malware developed by a well-organized group specializing in ransomware.

Shortly afterwards, VX-Underground, which collects malware source code, found evidence that the malware has been around for at least a few months, more precisely since November 2022. It seems that until now, this malware managed to stay hidden and undetected by antimalware applications, such as VirusTotal.

But there is good news for Mac users. Apple security expert Patrick Wardle analyzed the macOS version of LockBit and discovered that while it can run on Macs and encrypt files, it currently poses no real risk to users.

First of all, the analyzed malware sample was digitally signed, but not with a trusted certificate, which means that macOS prevents it from running. Wardle also pointed out that even if such ransomware finds a way to run on a macOS device, the file system protections implemented by Apple, such as TCC (Transparency, Consent, and Control), will most likely significantly limit its impact. These protections are an effective measure for protecting users from ransomware on macOS.
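The signature check described above can be reproduced when triaging any downloaded binary. The following is an added example, not code from the article or from Wardle's analysis: it classifies the text that `codesign -dvv <path>` prints on macOS, using constructed sample outputs, and the function name and result labels are hypothetical.

```python
import re

# Constructed `codesign -dvv` outputs (the tool prints this text to stderr on macOS).
ADHOC = """Executable=/tmp/sample
Identifier=sample
CodeDirectory v=20400 size=512 flags=0x2(adhoc) hashes=10+0 location=embedded
Signature=adhoc
TeamIdentifier=not set
"""
DEVELOPER_ID = """Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
CodeDirectory v=20500 size=900 flags=0x10000(runtime) hashes=20+7 location=embedded
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345
"""
SELF_SIGNED = """Executable=/tmp/tool
Authority=Local Test Cert
TeamIdentifier=not set
"""
UNSIGNED = "/tmp/plain: code object is not signed at all\n"


def classify_signature(codesign_output: str) -> dict:
    """Triage a binary from `codesign -dvv` text: who, if anyone, vouches for it."""
    if "code object is not signed at all" in codesign_output:
        return {"kind": "unsigned", "trusted_identity": False, "team": None}
    fields, authorities = {}, []
    for line in codesign_output.splitlines():
        key, sep, value = line.partition("=")
        if sep and key == "Authority":
            authorities.append(value)  # codesign lists the leaf first, the root last
        elif sep:
            fields[key] = value
    team = fields.get("TeamIdentifier")
    team = None if team in (None, "not set") else team
    adhoc = fields.get("Signature") == "adhoc" or bool(
        re.search(r"flags=0x[0-9a-fA-F]+\([^)]*adhoc", codesign_output))
    if adhoc:
        kind = "adhoc"  # signed, but no certificate at all behind the signature
    elif authorities and authorities[-1] == "Apple Root CA":
        leaf_is_dev_id = authorities[0].startswith("Developer ID Application:")
        kind = "developer-id" if leaf_is_dev_id else "apple-chain"
    else:
        kind = "untrusted-chain"  # self-signed or non-Apple issuer
    # The names are only what the signature claims; validation is a separate step.
    return {"kind": kind, "trusted_identity": kind in ("developer-id", "apple-chain"), "team": team}
```

The displayed chain is not proof of validity: on the Mac itself, `codesign --verify` checks the signature and `spctl --assess --type execute` reports the Gatekeeper decision.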

The researcher also discovered that the malware has bugs that can cause it to stop suddenly while running on macOS. These are most likely due to incompatibilities, because strings in the malware suggest that it is actually a modified version of the Windows one.

How can you protect yourself from viruses on your Mac? Ransomware and other types of malware

As for me, I've been a Mac user for more than 12 years, and I've never had an antivirus installed. Whether it was an iMac or a MacBook, sometimes, when I suspected something, I did a full scan with Malwarebytes. I have never had malware, let alone ransomware, on macOS.

The first security measure to protect yourself from viruses on your Mac is awareness. Pay attention to which applications you install, from which sources, and do not make changes in macOS that allow the installation of applications without a valid digital signature. That is, don't use tricks like the one detailed here: [Solve] App can’t be opened because Apple cannot check it for malicious software.

It is very important to pay attention to which sites you access, the sources from which you allow the installation of applications on macOS, and above all, to never use applications from sites with fraudulent content.

I've been writing passionately since 2004 about Windows and Linux operating systems, and since 2010 I've become a fan of Apple University. I'm currently writing tutorials for Mac, iPhone, iPad, Apple Watch, AirPods, and other Apple devices.
