
Two New Macintosh Malware Threats Have Been Identified

Macintosh users have another cyber threat to worry about. It seems cybercriminals have taken a liking to exploiting macOS vulnerabilities these past few months. Two new strains of Mac OS X malware have been discovered, both of which are distributed through malware-as-a-service products on the darknet. One strain is a ransomware variant, whereas the other seems to spy on users in order to obtain sensitive information and login credentials.

Two New Macintosh Threats With Dire Consequences

These two new malware strains have some quite interesting aspects, to say the least. First of all, there is MacRansom, which is an obvious ransomware product. It can be found on the darknet in the form of a ransomware-as-a-service scheme, which means anyone can distribute the malware to Macintosh users all over the world. Even though this sounds quite appealing, it has become apparent there is still some work to be done before this malware can become dangerous.

To be more specific, the MacRansom service requires the developer to manually approve all clients and negotiate fees. Moreover, all ransomware samples are built manually, rather than automatically. This makes the service far less appealing compared to other ransomware-as-a-service products on the darknet these days. In fact, one could argue this ruins the entire concept of ransomware-as-a-service, since there is no automation whatsoever.

To make matters even worse, MacRansom’s encryption keys are included in the source code. However, there are two encryption keys associated with the ransomware code, and one of the keys is lost once the encryption process is completed. It is also impossible to have files decrypted, as MacRansom uses no command-and-control server, which is quite odd. Plus, there is no payment page, but rather a request to victims to contact the author directly via email. All things considered, this is quite sloppy, and anything but professional.

The same flaws apply to MacSpy, the spyware component offered by the same developers. It is evident this type of malware has received even less attention, as the source code seems to be a copy of the information found on Stack Overflow. Additionally, the spyware payload is not digitally signed, which means security alerts will be triggered once it is running. This could have been easily avoided by the developers, but for some reason, they decided not to pursue this option.

All of this seems to hint at two types of Macintosh malware which may appear to be harmless. That is not the case, though, as MacSpy and MacRansom can inflict quite a bit of damage on users all over the world. The ransomware strain is especially disconcerting, as paying the ransom will not result in the files getting decrypted. It does not appear there is a decryption tool available either, which creates a very odd situation.

Luckily, it does not appear MacSpy and MacRansom are actively distributed right now. It is only a matter of time until this happens, though, and it will be interesting to see if the developers come up with improved versions of both. It is impossible to deny the Mac malware market is expanding, which does not bode well for Apple users all over the world. It remains to be seen if this “market” will be profitable, though.


JP Buntinx
