Apple Mac users are being warned about new variants of malware that have been created specifically to target Apple computers. One is ransomware that encrypts data and demands payment before files are released. The other is spyware that watches what users do and scoops up valuable information. Experts have said that the threat is real due to the creators letting anyone use the two programs for free.
The two programs were uncovered by the security firms Fotinet and AlienVault which found a portal on the Tor ‘dark web’ network that acted as a shopfront for both. The creators behind the malware are thought to have extensive experience of creating working code.
Those wishing to use either of the programs had been urged to get in touch and provide details of how they wanted the malware to be set up. The malware’s creators had said that payments made by ransomware victims would be split between themselves and their customers.
Researchers at Fortinet contacted the ransomware writers pretending they were interested in using the product and, soon afterwards, were sent a sample of the malware. Analysis revealed that it used much less sophisticated encryption than the many variants seen targeting Windows machines, said the firm. They also said that any files scrambled with the ransomware would be completely lost because it did a very poor job of handling the decryption keys needed to restore data.
Aamir Lakhani from Fortinet said Mac users should make sure their machines were kept up to date with the latest software patches and be wary of messages they receive via email.
www.bbc.co.uk/technews (13th June 2017)