LockBit has developed into one of the most potent ransomware organizations during the past few years. Although the gang has mainly targeted Windows, Linux, and virtual host machines, it appears that it has created its first ransomware specifically for Macs.
What appears to be the first ransomware build created for macOS has been seen online, according to MalwareHunterTeam. Although it’s unclear, it might also mark the first time a significant ransomware group has targeted Apple devices. For some context, security analysts think that LockBit is based in Russia because the majority of the members speak Russian. The leader has stated that he is based in either China or the US.
While the infosec Twitter account vx-underground mentioned the appearance of this LockBit ransomware for Mac appearing in one place with a date of November 2022, MalwareHunterTeam says they haven’t found any mentions of it online, and I found the same, so it appears it may have gone unnoticed until now if it was around since last fall.
In any case, according to MalwareHunterTeam, this is the first public warning that LockBit is targeting Apple devices. Additionally, given the gang’s RaaS strategy, it’s probable that a new wave of ransomware assaults specifically targeting Macs is on the horizon.