During the last a number of years, LockBit has change into one of the vital highly effective ransomware gangs. Whereas it has centered on Home windows, Linux, and digital host machines, it appears just like the group has developed its first ransomware for Macs.
Found by MalwareHunterTeam (by way of Brett Callow), what appears to be the primary ransomware construct designed for macOS has surfaced on the internet. Whereas it’s not absolutely clear, it could even be the primary time a serious ransomware gang is focusing on Apple units.
As a little bit of background, LockBit is believed by safety analysts to be a Russian-based group as a lot of the members are Russian-speaking. Nonetheless, the chief has mentioned he operates out of the US or China.
LockBit has grown because it runs a ransomware-as-a-service (RaaS) operation. That method means the group lets others use their ransomware – for a worth.
It appears like this LockBit ransomware was created for Apple Silicon Macs with the construct identify being “locker_Apple_M1_64.”
Whereas infosec Twitter account vx-underground talked about the looks of this LockBit ransomware for Mac exhibiting up in a single place with a date of November 2022, MalwareHunterTeam says they haven’t discovered any mentions of it on-line and I discovered the identical, so it seems it could have gone beneath the radar till now if it was round since final fall.
In any case, MalwareHunterTeam believes that is the primary public alert about LockBit going after Apple units. And with the gang’s RaaS method, it’s potential we might see an incoming wave of ransomware assaults focusing on Macs.
Curiously, whereas the M1 ransomware construct could seize probably the most consideration, a LockBit ransomware construct can be exhibiting up for PowerPC Macs.
Talking with Wired earlier this yr, Jon DiMaggio from Analyst1 shared that one of many causes LockBit has grown so highly effective is its chief’s enterprise savvy.
“They’re probably the most infamous ransomware group, due to sheer quantity. And the rationale for his or her success is that the chief is an efficient businessman,” says Jon DiMaggio, chief safety strategist at Analyst1 who has studied LockBit’s operations extensively. “It’s not that he’s obtained this nice management functionality. They made a point-and-click ransomware that anybody might use, they replace their software program, they’re consistently in search of consumer suggestions, they care about their consumer expertise, they poach folks from rival gangs. He runs it like a enterprise, and due to that, it is vitally, very enticing to criminals.”
Associated:
FTC: We use revenue incomes auto affiliate hyperlinks. Extra.
