One of the most notorious ransomware gangs appears to have recently begun targeting Mac computers for the first time. In a series of tweets spotted by 9to5Mac, a group of security researchers known as the MalwareHunterTeam said on Saturday they recently found evidence of a Lockbit ransomware build designed to compromise macOS devices. As far as the group is aware, Saturdayās announcement marks the first public notice that Lockbitās ransomware could be used against Apple computers, though it appears the gang has offered that capability since last fall.
“locker_Apple_M1_64”: 3e4bbd21756ae30c24ff7d6942656be024139f8180b7bddd4e5c62a9dfbd8c79
As much as I can tell, this is the first Apple’s Mac devices targeting build of LockBit ransomware sample seen…
Also is this a first for the “big name” gangs?
š¤@patrickwardle
cc @cyb3rops pic.twitter.com/SMuN3Rmodlā MalwareHunterTeam (@malwrhunterteam) April 15, 2023
āI think this is the first time one of the major ransomware players has taken aim at Appleās OS,ā security analyst Brett Callow said, pointing to the significance of the disclosure. As 9to5Mac notes, the LockBit gang has historically focused on Windows, Linux and virtual host machines. The reason being those operating systems are overwhelmingly used by the businesses the groupās partners target. For those who donāt know, the Lockbit gang runs whatās known as a āransomware-as-a-serviceā operation. The group doesnāt directly involve itself in the business of extracting ransoms from businesses. What it does do is build and maintain the malware affiliates can pay to use against an organization. According to an indictment the US Department of Justice unsealed last fall, LockBit is āone of the most active and destructive ransomware variants in the world.” As of late 2022, the software has infected the computer systems of at least 1,000 victims, including a Holiday Inn hotel in Turkey. Itās believed the gangās partners have claimed tens of millions of dollars from victims.
Source: www.engadget.com