Researchers have discovered a ransomware that infects Macs and either encrypts or prevents access to users’ files.
The ransomware is probably the first of its kind to infect Macs and is being used to extort money from unsuspecting Mac users.
Researchers at security firm FortiGuard Labs recently stumbled on a Ransomware-as-a-service (RaaS) named MacRansom that uses a web portal hosted in a TOR (dark web) network. They claim this is the first time that they identified a ransomware that attacks MacOS devices.
MacRansom is seen as an exception considering that majority of ransomware attacks are conducted on systems running Microsoft’s Windows operating system. According to FortiGuard Labs, this is because 91.64% of computers across the world run the Windows operating system while only 6.34% run Apple’s MacOS.
The recent discovery is also the first in eleven months as far as MacOS-affecting malware are concerned. In July of last year, security researchers at ESET discovered a Mac malware that installed backdoors and stole users’ Keychain passwords. Experts said that the malware could be delivered via malicious emails or downloads from untrusted websites.
Even though usage of Windows operating system is much larger compared to Apple’s MacOS, the fact that more and more people are switching to Macs suggests that hackers have a lot to gain by infiltrating Macs and extorting money from users.
“Cyber criminals are motivated to target specific operating systems such as Mac and Windows by how high their chances of success are. In the past, when more people were using Windows than MacOS, it made more sense for cyber criminals to focus their energies there, giving rise to the false perception that Apple products were more secure,” said Steve Mulhearn, Director of Business Development at Fortinet.
“However, as the number of people using MacOS increases, so too does the incentive for cyber criminals to target them, so we can expect to see more malware tailored specifically to it,” he added.
Even though the new ransomware isn’t as sophisticated as the latest ones targeting Windows-based systems, it has the ability to stay invisible from users until it is executed, can encrypt users’ files using 128-bit industrial standard encryption to force users to pay ransom, can encrypt a Mac’s entire home directory in under a minute and leaves no digital trace, making it difficult for cyber-security authorities to catch hackers behind the ransomware.
The new-found ransomware has destroyed an overwhelming impression that Macs are immune from malware and ransomware attacks. Even though Apple uses strict programming etiquette, MacOS is not totally immune from hackers and can be exploited through various means.
“More needs to be done to educate end-users that even if they use Mac, they cannot afford to be lax when it comes to security. Cyber criminals are playing a numbers game. If there’s money to be made from targeting Mac-users, then the number of attacks is sure to rise,” Mulhearn said.