Slashdot Mirror

← Back to Stories (view on slashdot.org)

Proof-of-Concept Ransomware Affects Macs (vice.com)

Posted by Soulskill on from the equal-opportunity-blackhats dept.

sarahnaomi writes: Ransomware, the devilish family of malware that locks down a victim's files until he or she coughs up a hefty bounty, may soon be coming to Mac. Last week, a Brazilian security researcher produced a proof-of-concept for what appears to be the first ransomware to target Mac operating systems (Mac OS X). On Monday, cybersecurity company Symantec verified the researcher's findings. "Mabouia is the first case of file-based crypto ransomware for OS X, albeit a proof-of-concept," Symantec wrote in a blog post. "It's simple code, I did it in two days," [said] the creator of the malware.

6 of 163 comments (clear)

  1. That's special... by Aaden42 · · Score: 4, Insightful

    Great! You can encrypt some files. You're amazing!

    Show me a zero-click network infection vector, then I'll be a little worried. Yes, I've already removed Flash and never installed Adobe Reader. No, getting me to execute an email attachment (after disabling Gatekeeper) doesn't count.

    1. Re:That's special... by macs4all · · Score: 2, Insightful

      zero-click? that is a very low bar to set given that most of the ransomware that plagues windows these days is zero-click.

      In case you haven't noticed, OS X appears to be somewhat (read: Insanely) more Robust in that regard than any version of Windows to date.

      I offer as proof the fact that we are at SIXTEEN YEARS of OS X, without a single infection that did not exclusively rely on Social Engineering and active participation by the User.

    2. Re:That's special... by andydread · · Score: 1, Insightful

      what you are deliberately leaving out is that OS X has a fraction of the marketshare of windows and that is the main reason.

  2. Re:Just to note... by tepples · · Score: 1, Insightful

    The idea is that anyone could take this program, disable the warnings, and combine it with some exploit package to create ransomware.

  3. Re:Just to note... by MachineShedFred · · Score: 4, Insightful

    Hey look! I have a "proof of concept" too!


    #!/bin/bash
    openssl aes-256-cbc -in ~/Documents/* -out ~/ransom.aes -d -pass $up3r$ecretPassw0rd!

    Pay me or you'll never see your documents again!

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  4. Re:Just to note... by MachineShedFred · · Score: 1, Insightful

    Most grade school kids could figure this out:

    man openssl

    Combine OpenSSL with a little AppleScript, and voila, you have the same "proof of concept" that TFA is basically showing. What a fucking joke.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.