LockBit Ransomware is now targeting Apple macOS devices

The year 2022 marked a significant increase in the number of ransomware attacks globally. Since then, there has been no respite for individuals and organizations who have continued to fall prey to ransomware groups throughout 2023. With the increase in ransomware attacks, cybercriminals have continued to develop sophisticated and advanced techniques to execute their attacks.

One of the known and more prolific ransomware groups is LockBit. On April 5, 2023, alarming news emerged when it was discovered that LockBit had developed a macOS-based payload. This development represents the first time a big-game ransomware crew has targeted macOS devices with their malware. Here’s what we know so far:

Development of macOS Payload by LockBit

According to reports from cybersecurity researchers, additional samples identified by Vx-underground show that the macOS variant of LockBit ransomware has been around since November 11, 2022. The LockBit ransomware has been known for its attacks targeted at Windows devices since late 2019. The new development of a macOS-based payload expands the attack surface of the ransomware group, which now has the capability to target both Windows and macOS devices.

LockBit’s Emergence as a Major Threat in Ransomware Attacks

According to statistics released last week by Malwarebytes, LockBit emerged as the second most used ransomware in March 2023 after Cl0p. The increase in the use of LockBit indicates the growing influence and capabilities of the ransomware group.

Analysis of the LockBit macOS Payload

An analysis of the new macOS version reveals that it is still a work in progress, relying on an invalid signature to sign the executable. The payload packs in files like “autorun.inf” and “ntuser.dat.log”, suggesting that the ransomware sample was originally designed to target Windows.

Impact on Apple Silicon

While the macOS variant of LockBit has been designed to run on Apple Silicon, its impact is limited. Apple’s implementation of the ARM64 instruction set and the use of the M1 processor have posed a significant barrier for cybercriminals to run their malicious payloads on Apple devices. According to Patrick Wardle, a cybersecurity expert, “Yes, it can indeed run on Apple Silicon, but that is basically the extent of its impact.”

Apple’s Safeguards Against LockBit

Apple has implemented additional safeguards to protect macOS users from ransomware attacks. These include System Integrity Protection (SIP) and Transparency, Consent, and Control (TCC). System Integrity Protection aims to prevent malware from modifying critical system files, while Transparency, Consent, and Control seeks to provide the user with more control over the data that applications on their devices can access.

Active development of LockBit’s macOS encryptor

A LockBit representative has confirmed to Bleeping Computer that the macOS encryptor is “actively being developed”. This confirmation raises concerns that LockBit might pose a significant threat to Apple’s operating system. As the LockBit ransomware group continues to develop advanced techniques to carry out their attacks, it’s crucial for users to keep their devices updated, implement strong security measures, and stay vigilant for any signs of a ransomware attack.

The emergence of LockBit’s macOS payload highlights the need for organizations and individuals to remain proactive in protecting their devices from ransomware. With Apple’s implementation of additional safeguards, it is harder for cybercriminals to execute attacks on macOS devices. However, as LockBit continues to develop its macOS payload, it is vital to remain vigilant, implement strong security measures, and educate oneself on ransomware threats. By staying informed and taking necessary precautions, users can minimize the threat posed by LockBit and other ransomware groups.

Explore more

D365 Supply Chain Tackles Key Operational Challenges

Imagine a mid-sized manufacturer struggling to keep up with fluctuating demand, facing constant stockouts, and losing customer trust due to delayed deliveries, a scenario all too common in today’s volatile supply chain environment. Rising costs, fragmented data, and unexpected disruptions threaten operational stability, making it essential for businesses, especially small and medium-sized enterprises (SMBs) and manufacturers, to find ways to

Cloud ERP vs. On-Premise ERP: A Comparative Analysis

Imagine a business at a critical juncture, where every decision about technology could make or break its ability to compete in a fast-paced market, and for many organizations, selecting the right Enterprise Resource Planning (ERP) system becomes that pivotal choice—a decision that impacts efficiency, scalability, and profitability. This comparison delves into two primary deployment models for ERP systems: Cloud ERP

Selecting the Best Shipping Solution for D365SCM Users

Imagine a bustling warehouse where every minute counts, and a single shipping delay ripples through the entire supply chain, frustrating customers and costing thousands in lost revenue. For businesses using Microsoft Dynamics 365 Supply Chain Management (D365SCM), this scenario is all too real when the wrong shipping solution disrupts operations. Choosing the right tool to integrate with this powerful platform

How Is AI Reshaping the Future of Content Marketing?

Dive into the future of content marketing with Aisha Amaira, a MarTech expert whose passion for blending technology with marketing has made her a go-to voice in the industry. With deep expertise in CRM marketing technology and customer data platforms, Aisha has a unique perspective on how businesses can harness innovation to uncover critical customer insights. In this interview, we

Why Are Older Job Seekers Facing Record Ageism Complaints?

In an era where workforce diversity is often championed as a cornerstone of innovation, a troubling trend has emerged that threatens to undermine these ideals, particularly for those over 50 seeking employment. Recent data reveals a staggering surge in complaints about ageism, painting a stark picture of systemic bias in hiring practices across the U.S. This issue not only affects