A new type virus ransomware is attacking users of Apple Mac computers and is being distributed via download link forums via torrent. When activated, it applies encryption to files on a device and asks for a ransom in return.
Cybersecurity company Malwarebytes discovered this threat after receiving notice of a torrent photo in Russia and warned that it is a variant of ransomware that spread through hacking websites, as warned in a statement.
This threat masquerades as the Little Snitch installer, a legitimate firewall for the Mac operating system. The infected file actually contains a malicious script with which the virus is loaded on the user’s device.
In addition, this same ransomware is present in other variants in other programs distributed through piracy by torrent downloads such as music editing software. Mixed In Key 8 or Ableton Live audio sequencer.
WannaCry, one of the best known ransomware. (Bloomberg)
Once installed, the malware spreads across the hard drive, and does not start encrypting files from scratch but instead it takes three days to start acting.
As is the custom in ransomware, at this time the virus begins to display a message to users in which demands a ransom to recover your data. In this case, claim 50 dollars within three days.
To avoid the impact of these attacks, Malwarebytes recommends that Mac users use security solutions and keep at least two backups, one of them on a hard drive not connected to the computer, since it is common for ransomware to also encrypt connected external disks.
For these reasons, it is recommended to avoid using torrents without a private connection network (VPN).
Russia, always on suspicion of ransomware
Attacks worldwide: ransomware is universal. (EFE)
The novelty of this attack occurs in a context of growing computer attacks, mainly due to the situation of confinement due to the coronavirus. This is why hackers operating from Russia are increasing attacks by ransomware against major American companies, threatening them with paralyze their networks if they do not meet their demands for millions of dollars.
Cybersecurity firm Symantec said Thursday that it had identified at least 31 goals in the United States, including eight Fortune 500 companies.
“The attackers behind this threat seem to be skilled and experienced, able to penetrate some of the best-protected corporations, steal credentials and move easily through their networks. As such, WastedLocker is a highly dangerous piece of ransomware“The threat intelligence division of Symantec, owned by Broadcom, said in its warning.
“At least 31 client organizations were attacked, which means that the total number of attacks can be much higher. The attackers had violated the networks of the target organizations and were in the process of preparing the ground for organizing ransomware attacks,” they explained. .
Ransomware is, thus, a problem that grew enormously during the pandemic.