Potential ransomware threat on macOS, in 2023

stealth

A potential ransomware threat to macOS, attributed to the LockBit group, was recently discovered by the cybersecurity research group MalwareHunterTeam.

Apparently, this would be the first form of ransomware developed for macOS.

The LockBit group, notorious for developing ransomware for Windows operating systems, is apparently developing malware that can encrypt files on Apple devices running macOS. Researchers have analyzed the malware to determine how big a threat this ransomware actually represents.


MalwareHunterTeam reported on Sunday (16.04.2023) that they had discovered what appears to be the first malware for macOS developed by a well-organized group specializing in ransomware.

Shortly afterwards, VX-Underground, which collects malware source code, found evidence that the malware has been around for at least a few months, more precisely since November 2022. It seems that until now this malware managed to stay hidden and go undetected by antimalware tools such as VirusTotal.

But there is good news for Mac users. Apple security expert Patrick Wardle analyzed the macOS version of LockBit and discovered that although it can run on a Mac and can encrypt files, it currently poses no real risk to users.

First of all, the analyzed malware sample was digitally signed, but not with a trusted certificate, which means that macOS prevents it from running. Wardle also pointed out that even if such ransomware finds a way to run on a macOS device, the file system protections implemented by Apple, such as TCC (Transparency, Consent, and Control), will most likely significantly limit its impact. It is an effective measure that protects the user from ransomware on macOS.

The researcher also discovered that the malware has bugs that can cause it to stop suddenly while running on macOS. These are most likely due to incompatibilities, because strings in the malware suggest that it is actually a modified version of the Windows one.

How can you protect yourself from viruses on your Mac? Ransomware and other types of malware

As for me, I have been a Mac user for 12 years and I have never had an antivirus installed. Whether on an iMac or a MacBook, when I occasionally suspected something I ran a full scan with Malwarebytes. I have never had malware, let alone ransomware, on macOS.

The first security measure to protect yourself from viruses on your Mac is awareness. Pay attention to which applications you install and from which sources, and do not make changes in macOS that allow the installation of applications without a valid digital signature. That is, don't use tricks like the one detailed here: [Solve] App can't be opened because Apple cannot check it for malicious software.

It is very important to pay attention to which sites you access, the sources from which you allow the installation of applications on macOS, and above all, never use applications from sites with fraudulent content.
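A read-only way to check the two protections discussed above, that Gatekeeper is switched on and that macOS accepts an app's signature, as an added example that is not part of the original article. It wraps Apple's `spctl` tool, takes app bundle paths as arguments, and its function names are illustrative.

```shell
#!/bin/sh
# Added example: read-only audit of Gatekeeper and an app's signature verdict.

# Classify the text printed by `spctl --status`.
gatekeeper_state() {
    case "$1" in
        *"assessments enabled"*)  echo enabled ;;
        *"assessments disabled"*) echo disabled ;;
        *)                        echo unknown ;;
    esac
}

# Classify the text printed by `spctl --assess --type execute -vv <app>`.
# "rejected" is tested first so an odd path name cannot mask a rejection.
assessment_verdict() {
    case "$1" in
        *": rejected"*) echo rejected ;;
        *": accepted"*) echo accepted ;;
        *)              echo unknown ;;
    esac
}

# Extract the "source=" value, which names what vouches for the signature.
assessment_source() {
    printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1
}

# Print "verdict<TAB>source<TAB>path"; succeed only if macOS accepts the app.
audit_app() {
    out=$(spctl --assess --type execute -vv "$1" 2>&1)
    verdict=$(assessment_verdict "$out")
    src=$(assessment_source "$out")
    printf '%s\t%s\t%s\n' "$verdict" "${src:-none}" "$1"
    [ "$verdict" = accepted ]
}

# Runs only on macOS (where spctl exists) and only when app paths are given.
if command -v spctl >/dev/null 2>&1 && [ "$#" -gt 0 ]; then
    echo "Gatekeeper: $(gatekeeper_state "$(spctl --status 2>&1)")"
    for app in "$@"; do
        audit_app "$app" || echo "  not accepted: leave Gatekeeper's block in place"
    done
fi
```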
