Security researchers are examining newly discovered Mac ransomware samples from the notorious gang LockBit, marking the first known example of a prominent ransomware group toying with macOS versions of its malware.
Ransomware is a pervasive threat, but attackers typically don’t bother creating versions of their malware to target Macs. That’s because Apple’s computers, while popular, are much less prevalent than those running Windows, Linux, and other operating systems. Over the years, though, samples of seemingly experimental Mac ransomware have cropped up a couple of times, creating a sense that the risk could escalate at any moment.
Spotted by MalwareHunterTeam, the samples of ransomware encryptors seem to have first cropped up in the malware analysis repository VirusTotal in November and December 2022, but went unnoticed until yesterday. LockBit seems to have created both a version of the encryptor targeting newer Macs running Apple processors and older Macs that ran on Apple’s PowerPC chips.