macs are vulnerable to ransomware

I Use an Apple Mac So I’m Safe From Ransomware, Right? WRONG!

“Hello. It looks like you’re writing a letter!” Said Terry, walking passed Phil’s pristine white space-desk; an obsessively compulsed arrangement of curved, white gadgets and bizarrely, to Terry anyway, no need for cable ties.

Terry’s paper clip assistant joke went over Phil’s head. Terry only spoke Windows.

Conversely, designer Phil’s world was full of pastel colors and funky shapes and Dr Dre Beats and italics and clouds and Audrey Tautou films and farmers’ markets and sunsets and fades and friends and haircuts and French bicycles with baskets on the front with artisanal baguettes in and ideas he thought too big for Terry’s inferior, dullard Android brain.

Phil only spoke Mac because he lived in a shiny, happy bubble land where he was safe from attack. Terry hated Phil and Phil hated Terry but this was the workplace and they were professionals.

“Nah; lunchtime. Just reading this.” Replied Phil, looking up from his silver trackpad, tiny specks of pumpkin latte soup flecking his hipster beard, before continuing:

“The NSA are saying that North Korea was behind the WannaCry outbreak.”

“Terrible isn’t it. What’s the cyber-world coming to?” offered Terry in his best Okay, Google voice.

“If the world ran on OSX, this would never have happened. We Mac users don’t even have to think about viruses like you lot… Apple takes care of everything. Better go and update your software patches and antivirus software. I mean… antivirus software? Please! What is this? 1996? Pffft! Money-making scam if you want my opinion…”

Terry didn’t want his opinion. In fact, he was gone. Back to his desk in the accounts department downstairs, because if there was one thing that he was good at, it was fact-checking…

One Google search, a third of a second and about 842,000 results later, Terry was vindicated. “In your face, iBoy!”

MacRansomware-as-a-Service is here!

MacRansomware as a Service

As of June 2017, security experts have discovered ransomware variants that target Macs rather than Windows PCs available for sale as Ransomware-as-a-service (RaaS) on a TOR web portal a.k.a. “The Dark Web.”

MacRansom, MacSpy and Mac RAT malicious code may only able to encrypt 128 files at present and may be “far inferior from most current ransomware targeting Windows” but it’s potentially just as dangerous.

MacRansomware is invisible until its scheduled execution time (or “trigger time”), can infect your Mac in under a minute, leaves no digital trace and a 128-bit symmetric, hard-coded key encryption algorithm means there’s little other option but to pay up.

But while Phil upstairs may think MacRansomware’s inferior technical flaws help him out, it’s also one of the problems. You see, MacRansom is unsophisticated meaning that victims paying the 0.25 bitcoin (around $700) are highly likely to find that any decryption keys simply don’t work.

If you try to un-encrypt your 128 files yourself using recovery tools, any files you do get back will be virtually useless because after successfully encrypting your files, it encrypts both com.apple.finder.plist and the original executable, then it changes the Time Date Stamp and deletes them.

But there’s far fewer MacRansomware programs out there, right?

mac security updates

Yes, according to statistics published in a McAfee Labs threat assessment, there are currently only 450,000 malicious programs aimed at Macs – compared to 23 million targeting Windows users. That’s only 1.95%.

Figures will continue to show that PCs are more vulnerable to attack and Mac users are safer because data doesn’t incorporate the fact that only 6% of home computers run on Apple Mac OS.

But one thing is for sure, now MacRansomware is out there and with copycat coders always looking for new ways to exploit, expect it to spread like a rash… or a virus.

This means low-level cybercriminals don’t even need any specialist Mac knowledge; no coding experience is needed whatsoever – they just buy the malicious code and away they go.

You can almost hear Terry’s little fingers tapping away on the dark web plotting Phil’s demise…

As always, whether you’re Terrance or Phillip, whether you run Windows, Mac OS (or Linux) our advice is to backup regularly, update anti-virus software often and stay one step ahead when it comes to software patches.

And remember, patches no longer just cover missing eyes, patches stop pirates!

3 comments

Leave a Reply

Your email address will not be published.