news 3 days ago

Ransomware targeting Mac users was recently discovered on torrent sites

BGR — Yoni Heisler
  • A piece of ransomware targeting the Mac has been making the rounds on torrent sites.
  • The ransomware disguises itself as an app installer for Little Snitch.
  • The software itself isn’t especially sophisticated but macOS users, as a general rule of safety, should refrain from downloading pirated software.

Mac malware doesn’t come along all that often, but when it does it tends to make headlines. The most recent instance of malware targeting Mac users is a piece of ransomware that comes disguised as an installer for the Little Snitch app. The installer link is currently making the rounds on torrent sites and was first noticed on a Russian forum, according to a report from Malwarebytes Labs.

It’s worth noting that the ransomware in question doesn’t appear to be particularly sophisticated compared to some other malware strains we’ve seen spring up in recent years.

“The malware got installed,” Thomas Reed of Malwarebytes notes, “but the attempt to run the Little Snitch installer got hung up indefinitely, until I eventually forced it to quit. Further, the malware didn’t actually start encrypting anything, despite the fact that I let it run for a while with some decoy documents in position as willing victims.”

In order to get the ransomware to start encrypting files, Reed notes that he had to move the time on his system clock ahead by three days, get off his local network, reconnect, and then restart his entire machine a few times in a row. So yeah, this isn’t exactly malware devised with NSA-level precision or sophistication.

What’s more, the encryption process itself wasn’t entirely smooth:

Almost comically, the malware doesn’t even do a suitable job of alerting users how to pay to decrypt their files:

Ransomware can be particularly insidious and damaging, but this piece of ransomware thankfully isn’t as potent as it could otherwise be. Still, it’s not something you want on your computer by any means. The main takeaway, even though it should be obvious at this point, is that you should stay as far away from torrent sites as you can. It’s 2020, and there’s no reason in this age of streaming for anyone to put their machine at risk so they can download movies and applications. As a final point, it’s always good practice to keep a backup of all your important files on the off-chance you click on a malicious link or your machine just happens to spontaneously die on you.

Incidentally, this is the first piece of Mac ransomware we’ve seen in years. In fact, the first piece of ransomware targeting Mac users didn’t even surface until 2016.

Sign up for BGR's Newsletter. For the latest news, follow us on Facebook, Twitter, and Instagram.