According to information provided by MalwareHunterTeam, the LockBit ransomware gang is purportedly working on a new kind of malware that is capable of encrypting data on Apple macOS. Since LockBit has traditionally concentrated on Linux and Windows devices, this would be the first time the malware would target Mac computers specifically.
The ransomware firm is well-known for its RaaS business model, in which it rents ransomware to hackers in exchange for payment. This new piece of malicious software has been given the name locker_Apple_M1_64, and it also exists in PowerPC-specific variants. According to Vx-Underground, a site that analyzes malware samples, the new piece of malicious software known as locker_Apple_M1_64 was discovered for the first time in November 2022 targeting Mac computers. Although it has not been found by any of the anti-malware engines on VirusTotal, there is very little information available regarding this virus since the autumn of last year.
Researchers have observed that the LockBit ransomware gang is broadening the scope of its attacks by going after Macs.
Researchers have observed that the LockBit ransomware gang is broadening the scope of its attacks by going after Macs. This is a major advancement in the strategies that they use. Despite the fact that the virus may be executed on Macs, it does not provide a significant threat owing to a number of considerations. Because the malware sample that Wardle evaluated was not signed by a trustworthy certificate, the macOS operating system would not allow it to function.
Even if the malicious software were successful in penetrating a macOS device, Apple’s file system security technologies, such as Transparency, Consent, and Control (abbreviated as TCC), would mitigate the damage it might do to the system. In addition, the malicious software included flaws, which led experts to the conclusion that it was not yet fit .
In a post on his blog, experts said that the ransomware had a number of bugs and weaknesses, including buffer overflows that result in the program terminating itself prematurely. The introduction of a macOS variant of malware targeting Mac machines by the LockBit ransomware gang is a major breakthrough in the group’s assault techniques. However, according to the findings of Apple’s research, the most recent version of the malicious software does not present a significant threat to macOS computers because of the safety precautions that have been taken.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.