Bitcoin Ransomware Education – Patcher

New types of ransomware continue to pop up in 2017, and some of them do things a bit differently. Patcher, a new ransomware discovered by Trend Micro security researchers, is designed specifically to target macOS users. In most cases, criminals steer away from macOS because it is far less commonly used than Windows, but this malware takes a different approach.

A Look At The Patcher Ransomware

It is not often that a new type of ransomware targets an operating system other than Windows or Android. Patcher is one of these rare exceptions: for some unknown reason, it aims at macOS users. As one would expect, the malware is distributed through popular file-sharing channels. In this case, Patcher is distributed over the BitTorrent protocol, which is used by many people all over the world.

To be more precise, Patcher disguises itself as a “cracker” for popular paid software. Microsoft Office and Adobe Premiere Pro are two examples of paid software which are often pirated. To pirate such software, users need a cracking tool that bypasses the validation procedures meant to ensure the user is running a legitimate version of the software on their computer. Once a user downloads the Patcher-laden “cracker” over the BitTorrent protocol and executes the file, they will see a pop-up window asking for permission to start the patching process.

Do not be mistaken in thinking this is a legitimate tool, though, as the Patcher ransomware will start encrypting computer files once the user hits the “start” button in the pop-up window. In a way, users give Patcher permission to encrypt their files, which is a rather unique way of going about things. All files will be encrypted using a random 25-character string. Moreover, users will receive clear instructions on how to decrypt their files, as well as guidelines to make the 0.25 Bitcoin payment.

Paying the ransom demand is never the solution to these types of infections, though. Even if the payment is made successfully, there is no guarantee the criminals will send the decryption key to the victim. In fact, researchers discovered the code responsible for communicating with the command-and-control server is utterly broken. The criminals are effectively unable to provide the decryption key to victims, as there is no line of communication between the two parties. This seems to indicate Patcher’s developers are rather new to the ransomware system.

Even though it may seem like Patcher has suddenly become less of a threat, that is far from the case. Just because users can’t get their decryption key does not mean the ransomware is useless. It is more than capable of executing its payload successfully and encrypting all of the files found on the computer. The bigger problem is getting rid of the infection once the damage has been done, as paying the bitcoin amount will not make any difference.

It is unclear whether this means we will see more types of crypto ransomware deliberately targeting non-Windows computer systems, though. Security researchers have noticed a few different types of malware emerging in recent months, although the numbers are not alarmingly high by any means. Criminals will do everything they can to make money by exploiting vulnerable computers and mobile devices. macOS users often have more expensive computers, which can make them a valuable target for hackers and other cyber criminals moving forward.


JP Buntinx
