LockBit Ransomeware Targeting MacOS
Lockbit, a large and prolific ransomware gang have started to prepare their malware to target Apple Mac devices! The new ransomware files were discovered by cybersecurity researcher MalwareHunterTeam. LockBit has typically used encryptors designed for attacks on Windows, Linux, and VMware servers to encrypt environments and demand a ransom after exfiltrating data. It’s a scary development in for businesses who use MacOS. Often these devices are considered very secure and not typically targets of such malware, often leaving them relatively untouched when it comes to business security.
In a message to BleepingComputer, Lockbit said a Mac encryptor is “actively being developed.” Whilst these new malware appear to be early builds and not in an operational state yet it should serve as an early warning that they are planning on being able to leverage and encrypt MacOS in the near future. It’s a great time now before Lockbit have a working malware, to review your business security and ensure your business continuity and disaster plans are up to scratch.
Key questions to think about could be:
- Do you have working, tested backups?
- Are backups air-gapped?
- Do you have a documented plan of how to recover them?
- Is your Antivirus deployed on all devices (including Macs)?
- Are staff trained on what to look out for?