Over the last few years, LockBit has turned out to be one most powerful gangs dealing in ransomware. While it has usually focused on host machines which are virtual, Linux, or Windows, it does appear that the group has created its first ransomware for Macs now.
The ransomware was first discovered by MalwareHunterTeam, and it has already surfaced on the web. Although it is not entirely clear, it could be the first time in history that a major ransomware gang has directly targeted devices of Apple. For those who are unaware, LockBit is actually considered to be a Russian-based group by most security analysts- as most of the members of this group speak Russian. However, it is assumed that the leader operates out of either China or the USA.
LockBit has created Ransomware That Will Attack Macs
LockBit has grown over the years- as it runs a ransomware-as-a-service operation. This approach entails that the group usually lets other people utilize their ransomware- but there is a price attached to it. It also appears that the current LockBit ransomware was created by Apple Silicon Macs with the build name being “locker_Apple_M1_64.” Although the infosec Twitter account vx-underground spoke about the appearance of this ransomware for Mac showing up in a single place with a date of November 2022, the security team stated that they haven’t yet found any viable mentions of it online.
In any case, the team believes that this is the initial public alert about LockBit targeting Apple devices. And with the RaaS approach of the gang, it is quite possible that we could be seeing an incoming wave of ransomware attacks that would target Macs. Analyst1’s Joe DiMaggio, in an interview with Wired, did speak about the popularity of the ransomware gang- mostly due to the business savvy of the leader.