Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Mac Computers Are Being Targeted By Ransomware, Spyware (bbc.com)

Posted by BeauHD on from the sophisticated-attacks dept.

If you are a Mac user, you should be aware of new variants of malware that have been created specifically to target Apple computers; one is ransomware and the other is spyware. "The two programs were uncovered by the security firms Fortinet and AlienVault, which found a portal on the Tor 'dark web' network that acted as a shopfront for both," reports BBC. "In a blog post, Fortinet said the site claimed that the creators behind it were professional software engineers with 'extensive experience' of creating working code." From the report: Those wishing to use either of the programs had been urged to get in touch and provide details of how they wanted the malware to be set up. The malware's creators had said that payments made by ransomware victims would be split between themselves and their customers. Researchers at Fortinet contacted the ransomware writers pretending they were interested in using the product and, soon afterwards, were sent a sample of the malware. Analysis revealed that it used much less sophisticated encryption than the many variants seen targeting Windows machines, said the firm. However, they added, any files scrambled with the ransomware would be completely lost because it did a very poor job of handling the decryption keys needed to restore data. The free Macspy spyware, offered via the same site, can log which keys are pressed, take screenshots and tap into a machine's microphone. In its analysis, AlienVault researcher Peter Ewane said the malicious code in the spyware tried hard to evade many of the standard ways security programs spot and stop such programs.

9 of 54 comments (clear)

  1. Re:BUT by Anonymous Coward · · Score: 2, Interesting

    Macs don't get viruses? They don't. Any system including Linux can get malware if you download from untrusted sources on pirate bay or click on "update adobe flash" from a porn site ad... Good thing about Macs is people tend to actually back them up with time machine, so it should be a quick recovery.

  2. Waste of time to read the fine article by 140Mandak262Jamuna · · Score: 2

    Does not talk about attack vector, what user action is needed to get infected with the malware.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  3. It's telling that this is news by goombah99 · · Score: 4, Insightful

    This is news. That tells you it's shockingly unusual. That is to say if the word apple were not there it would not be news.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  4. Linux, not to feel left out... by Anonymous Coward · · Score: 5, Funny

    Funnily enough, I got an email just the other day with Linux ransomware, so I don't want to hear any of this "Linux has no ransomware" nonense. Here's the mail:

    Dear Sir or Madam,

    Our esteemed company would like to submit a large purchase order for $100.0000,00, as I am sure you will find agreeable to your company. To complete this order please follow these instructions:

    1. sudo apt-get install build-essential
    2. enter your root password.
    3. Save the following attachment to a file called "purchaseorder.cpp"
    4. Open a shell window.
    5. cd to the location of the file you saved. Make sure it's the same directory!
    6. mkdir build
    7. cd build
    8. cmake -D CMAKE_BUILD_TYPE=Release ..
    9. make -j4
    10. sudo make install
    11. sudo apt-get install libcrypto++9 libcrypto++9v5 libcryptsetup4
    12. sudo purchaseorder

    Note if /usr/local/bin/ is not in your search path, you may have to provide a path yourself. If that doesn't work please try "git pull --rebase origin/purchaseorder-root-branch" and try again.

    Thank you!

    Fuckers! I did all that and now those assholes are demanding a ransom to get my files back.

    1. Re:Linux, not to feel left out... by Anonymous Coward · · Score: 3, Funny

      All this work just to install some lousy malware? And they wonder why Linux isn't getting any decent share of the desktop market ...

  5. Re:BUT by Hussman32 · · Score: 2

    I remember getting epolife on my mac somehow (it could have been me, but I suspect it was my mom). Three google searches, a couple of hidden directories, and a few browser settings, and it was gone.

    Much easier than some virus experiences I had with my PC backintheday.

    --
    "Who are you?" "No one of consequence." "I must know." "Get used to disappointment."
  6. What a Mac user can do by AHuxley · · Score: 5, Informative

    Get good AV like Intego. https://www.intego.com/
    A firewall product like https://www.obdev.at/products/...
    RansomWhere? https://objective-see.com/
    Malwarebytes https://www.malwarebytes.com/m...

    --
    Domestic spying is now "Benign Information Gathering"
  7. Mackeeper was first by thesjaakspoiler · · Score: 3, Interesting

    to make it's way into your Mac in every possible way since your first powered up your Mac. That is where Apple should have already taken action.

  8. Re:Really? by dwightk · · Score: 2

    there's one in my pocket right now

    --
    Like anyone can even know that