LockBit Ransomware Targets Apple Silicon Macs for the First Time

According to PCMag*, Security researchers discovered a new version of the LockBit ransomware which targets Apple’s Mac computers for the first time.

As 9To5Mac reports(Opens in a new window), until now the LockBit ransomware has focused on infecting Windows and Linux machines, but a new build named “locker_Apple_M1_64” suggests macOS infections are imminent. According to MalwareHunterTeam(Opens in a new window), which discovered the new build, there are versions of the ransomware for PowerPC Macs, too. The MalwareHunterTeam hasn’t found any reference to the LockBit ransomware targeting Macs before a first build appeared in November last year, and nobody mentioned its existence before April 16 this year. We could therefore be about to see an influx of Mac ransomware infections, especially if the LockBit gang decides to offer the Mac version of its ransomware as RaaS.

It’s of no surprise that ransomware authors would focus on Macs. In fact, the first ever malware in-the-wild had been developed for Apple computers, way back in the 1980’s. Especially on Mac platform, the major issue for cybercriminals these days is, to find an effective way of distributing their malicious code, rather than the actual architecture of the processor in use. Apple moving away from the Intel line of processors towards an ARM based own development required adaptation by malware authors but to them it’s a “normal reaction to their market”. 

The list of supported CPUs, though, is rather suspicious as it features long abandoned architectures like PowerPC or SPARC. LockBit themselves claim that the M1 Ransomware is “in active development” – to which extend is yet to be seen as well as if there’s also a version for Apple’s latest “M2” line of  processors.

This report can serve as a perfect last call to ramp up protection on your Mac, with macOS’s own means, third party antimalware and due diligence, when it comes to suspicious prompts, mails, software and websites – there’s simply no such thing as an “invincible operating system”

*ESET does not bear any responsibility for the accuracy of this information.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s