(AppleInsider.com): New ransomware for the Mac has been discovered by security researchers, with the “poorly coded” malware created in Swift encrypting the user’s files and demanding a payment, without any possibility of decrypting the files even if the ransom is paid.
Thank you for reading this post, don't forget to subscribe!
Circulating via BitTorrent sites and called “Patcher,” the malware poses as a crack for pirates to get around copy protection and licensing systems used in popular software suites. Researcher Marc-Etienne M.Léveillé found two different fake patchers that used the same code, posing as ways to unlock Microsoft Office for Mac 2016 and Adobe Premiere Pro CC 2017, but suggests there may be more instances of the malware circulating around under different names.
When extracted from the archive and executed, the malware opens up a window advising users to press the start button to patch the pirated software. If clicked, the ransomware then spreads around a “readme” file to various user directories, before encrypting all other user files using a randomly-generated 25-character key in an archive, and deleting the original files.
The Readme file explains to the user the files are encrypted, and to pay 0.25 bitcoin to a specific wallet address to unlock them within seven days. While it is claimed files will be decrypted within 24 hours of the random’s payment, another option to pay 0.45 bitcoin is also offered, touting decryption within ten minutes.
To read the rest of the article, click here.