Apple has always been proud of its ability to protect users from threat actors, thanks to its strong security system. Malware is rarely an issue, yet security researchers have found reason to believe that the LockBit ransomware gang may be targeting Apple computers.
LockBit Going After Apple Computers
LockBit is among the biggest ransomware gangs, which has already demanded at least $100 million worth of ransom. MalwareHunterTeam, a group of security researchers, found a ransomware build with the purpose of compromising Mac devices.
If this is true, then it marks the first time that a ransomware gang has targeted Apple computers. According to Engadget, the LockBit ransomware gang may have even been developing this since last fall and it was only found now.
The LockBit ransomware gang has always been targeting other systems like Windows, Linux, and virtual host machines. Although, they are more of a "ransomware-as-a-service" or RaaS type of operation, wherein they simply build the malware that's used against systems.
Even the US Department of Justice called the LockBit ransomware group one of the most active and destructive ransomware variants in the world. In the US alone, the hacker group has already had around 1,000 victims.
While Apple's security is arguably top-of-the-line, malware that is specifically developed to get through the tech giant's protection might just be enough. With this news, Apple might release a macOS update that will help users avoid suffering a breach from the specific malware.
How Worried Should Mac Users Be?
Although Apple can be trusted to create measures to prevent this, especially since the company prides itself on its security systems, LockBit is also capable of a great deal. It has been linked to many high-profile ransomware incidents in the past.
Being the most notorious RaaS, they are reportedly responsible for approximately 40% of ransomware incidents globally. One of the variants is known as LockBit 3.0, wherein a user's wallpaper would state that their files have been encrypted.
The message will also include instructions on a .txt file on how to proceed with the hack. The victim will then have to contact the threat actor and they will have to negotiate the ransom payment to get their files back.
While the ransomware group doesn't usually target company giants and mainly focuses on small to medium-sized businesses, there have been instances when they targeted bigger organizations, as mentioned in TripWire.
Some of the high-profile victims they've been linked to so far are Accenture, Foxconn, and automobile company Continental. UK Royal Mail's overseas operations have also been affected by what is suspected to be a LockBit cyebr attack.
It would be hard to take the criminal operation down because of the way it operates. They simply develop the malware, and a different threat actor will release and infect other systems and the RaaS group will get a share of the ransom.
The way you can minimize the damage is by creating an offline backup of important files, so having your data encrypted will not affect you greatly. It's also advised that you encrypt important data, use unique passwords, and update your security systems regularly.