LockBit, one of the most notorious ransomware strains, has reportedly been spotted infecting Apple Mac devices for the first time.
Cybersecurity Researcher at MalwareHunterTeam murmured (opens in new tab) Regarding the discovery of “locker_Apple_M1_64” – “Apple’s Mac devices targeting builds of the first confirmed LockBit ransomware sample”. I believe this may be the first time.
Targeting M1-powered devices might make headlines, but 9To5Mac (opens in new tab) It also said that LockBit ransomware builds are “appearing on PowerPC Macs.”
Popular ransomware services
LockBit is currently one of the most widely used ransomware variants. Its creators offer Locker as a Service (Ransomware-as-a-Service, or RaaS), making the tool available to various hacking groups for a fee.
Among recent victims is space exploration company SpaceX. In mid-March, hackers allegedly broke into one of the company’s suppliers and through them obtained classified SpaceX data, including thousands of drawings certified by SpaceX engineers.
At one point, one of LockBit’s affiliates also targeted SickKids, a hospital for sick children. SickKids is a major children’s teaching hospital on University Avenue in Toronto, Canada, affiliated with the University of Toronto School of Medicine. The group was later excommunicated by the creators of LockBit, who also issued an apology and released a free decryption tool.
The group was first discovered about three years ago and is believed to operate outside the United States or China. However, most members of the group speak Russian.
So far, ransomware attacks have been contained to most Windows devices, with occasional intrusions into Linux. Apple’s ecosystem has historically been recognized as safe from ransomware.Whether this LockBit variant of his will incentivize more attackers to start targeting his Mac endpoints (opens in new tab) while being seen.