
Malwarebytes discovers first Mac ransomware in four years

Thomas Reed of Malwarebytes Labs has published a blog post on a new Mac ransomware, the first in four years and only the fourth ever.

“A Twitter user going by the handle @beatsballert messaged me yesterday after learning of an apparently malicious Little Snitch installer available for download on a Russian forum dedicated to sharing torrent links,” he writes. “A post offered a torrent download for Little Snitch, and was soon followed by a number of comments that the download included malware. In fact, we discovered that not only was it malware, but a new Mac ransomware variant spreading via piracy.”

Analysis of this installer showed that there was definitely something strange going on. 

“To start, the legitimate Little Snitch installer is attractively and professionally packaged, with a well-made custom installer that is properly code signed,” Reed writes. “However, this installer was a simple Apple installer package with a generic icon. Worse, the installer package was pointlessly distributed inside a disk image file.”

Read the entire blog post for details. Malwarebytes makes software designed to stop hackers and malware and clean up an infected machine.

Dennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.