MAC Tech: Hackers are selling Mac ransomware that could cause 'real damage'


The idea that Mac computers are more secure than Windows machines might be a myth.
Security researchers have found two types of malicious software which apparently target Macs for the first time.

Ransomware — malicious software that encrypts your data and then demands payment for decryption — is more commonly a problem for Windows users, but it's also recently been a growing problem for Macs.
What's still less common on Macs is ransomware-as-a-service (RaaS) schemes.
These are essentially affiliate models, where attackers use someone else's ransomware package to launch an attack. They then hand over a cut to the ransomware author. The advantage is that you don't need to be particularly tech-savvy to launch an attack by using someone else's code. Attackers haven't bothered targeting Macs, because most people use Windows.
It looks like that's changing.
Research firm Fortinet found a RaaS programme called MacRansom advertised on the dark net, and while the programme doesn't sound all that sophisticated, could still do "real damage." We first saw the news on the BBC.
Fortinet's researchers contacted MacRansom's creators directly and received a message back. The creators claimed to be engineers for Yahoo and Facebook and that they were making their malware available "for free" because more people were buying Macs.
"Unlike most hackers on the darknet, we are professional developers with extensive experience in software development and vast interest in surveillance," the anonymous authors wrote.
These are probably tall claims. Fortinet analysed MacRansom and described it as "far inferior" to equivalent programmes that target Windows machines, but said it could still cause mayhem.
"It doesn't fail to encrypt victim's files or prevent access to important files, thereby causing real damage," the company wrote.
Fortinet advised Mac users to regularly backup their machines and be suspicious when opening unusual files.
Another set of researchers at AlienVault discovered more malware created by the MacRansom authors — this time malicious software that reads your files.
MacSpy was advertised similarly to MacRansom, and claimed to hoover up victims' files, offer access to social media accounts, and disguise itself as a legitimate file.
AlienVault's researchers said as more people buy Macs, there'll be more instances of targeted malware.
They wrote: "While this piece of Mac malware may not be the most stealthy program, it is feature rich and it goes to show that as OS X continues to grow in market share and we can expect malware authors to invest greater amounts of time in producing malware for this platform." According to Netmarketshare figures, more than 90% of the world's computers run Windows. The second most popular operating system is Mac OS at 6%.

Comments