LockBit ransomware group tests encryptors targeting Macs
According to some twitter threads published by cybersecurity researchers vx-underground and MalwareHunterTeam, the major ransomware operation LockBit has created encryptors specifically targeting MacOS for the first time.
"locker_Apple_M1_64": 3e4bbd21756ae30c24ff7d6942656be024139f8180b7bddd4e5c62a9dfbd8c79
— MalwareHunterTeam (@malwrhunterteam) April 15, 2023
As much as I can tell, this is the first Apple's Mac devices targeting build of LockBit ransomware sample seen...
Also is this a first for the "big name" gangs?
🤔@patrickwardle
cc @cyb3rops pic.twitter.com/SMuN3Rmodl
Lockbit ransomware group has created their first MacOS-based payload. We believe this is the first time a large ransomware threat group has developed a payload for Apple products.
— vx-underground (@vxunderground) April 16, 2023
We have samples.
Intel via @malwrhunterteam & @BrettCallow
Download: https://t.co/bMGJXWYvc3 pic.twitter.com/My9ZtAHCcq
These encryptors were discovered by cybersecurity researchers on Virustotal and include one called ‘locker_Apple_M1_64’, which targets newer Macs running Apple Silicon.
However, the encryptor appears to be a test and was not intended to be used in live cyber attacks. It is possible that more advanced and optimised encryptors for MacOS and other CPU architectures may appear in the future, so all computer users, including Mac owners, should practice good online security habits to protect themselves.
Indicators of Compromise
HASH |
---|
3e4bbd21756ae30c24ff7d6942656be024139f8180b7bddd4e5c62a9dfbd8c79 |
bf3ebc294870a6e743f021f4e18be75810149a1004b8d7c8a1e91f35562db3f5 |