LockBit Ransomware Marked MacOS On Their Prey’s Radar For The First Time
Lockbit expands its target scope. In the past, it concentrated its attacks on Windows, Linux, virtual host machines, and other industries, however, the group created its first ransomware for Macs.
The Russian-based group continues to go beyond borders as it conducts operations outside the US and China.
New Lockbit Operational Ransomware
MalwareHunterTeam discovered what seems to be the first ransomware concocted for macOS that has emerged on the web. As it stands, it may also be the first time a prominent ransomware gang is targeting Apple products.
Notably, LockBit has thrived as it operates a ransomware-as-a-service (RaaS) operation. This direction means the group lets others use their ransomware – for a price.
Furthermore, it appears that this ransomware was built for Apple Silicon Macs with the build name locker_Apple_M1_64.
On Twitter, the infosec account vx-underground noted that the appearance of this LockBit ransomware for Mac showed up in one place with a date of November 2022.
Meanwhile, MalwareHunterTeam says they haven’t discovered any links to it online and I found the same, so it seems it may have gone under the radar until now if it was around since last fall.
A Security Analyst’s Insight Into LockBit Operations
Jon DiMaggio, chief security strategist at Analyst1 has examined LockBit’s operations broadly and concluded, They are the most notorious ransomware group because of sheer volume. And the reason for their success is that the leader is a good businessman.
However, It’s not that he’s got this great leadership capability. They made a point-and-click ransomware that is user-friendly, they update their software, they’re regularly examining user feedback, they pay attention to their user experience, and they poach people from rival gangs.
He runs it like a business, and because of that, it is very, very attractive to criminals.
In any case, this is the first time LockBit is going after Apple devices. And with the gang’s RaaS system, it’s feasible we could see an incoming surge of ransomware attacks marking MacOs as target.
