Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

LockBit ransomware is targeting Macs for the first time

Ransomware attack on a computer

One of the most infamous ransomware strains, LockBit, has reportedly been spotted infecting Apple Mac devices for the first time, ever. 

Cybersecurity researchers from the MalwareHunterTeam tweeted about finding “locker_Apple_M1_64” - “the first Apple's Mac devices targeting build of LockBit ransomware sample seen”. What’s more, the researchers believe this might be the first time a “big name” gang targeted a Mac.

While targeting M1-powered devices might make headlines, 9To5Mac also says that a LockBit ransomware build is also “showing up for PowerPC Macs”, as well.

LockBit is currently one of the most widely-used ransomware variants around today. Its creators are offering the locker as a service (Ransomware-as-a-Service, or RaaS), allowing different hacking groups to use the tool for a fee. 

Among its more recent victims is the space exploration company, SpaceX. In mid-March, hackers said to have breached one of the company’s suppliers, and through them, obtained SpaceX’s sensitive data, including thousands of drawings certified by SpaceX engineers.

On one occasion, one of LockBit’s affiliates also targeted SickKids, the Hospital for Sick Children. SickKids is a major pediatric teaching hospital located on University Avenue in Toronto, Canada, and Affiliated with the Faculty of Medicine of the University of Toronto. The group was later excommunicated by LockBit’s creators, who also issued an apology and released a free decryptor. 

The group was first discovered roughly three years ago, and is believed to be operating either out of the United States, or out of China. Most members of the groups are speaking Russian, however. 

So far, ransomware attacks were contained to mostly Windows devices, with an occasional expedition into Linux. The Apple ecosystem was mostly perceived as safe from ransomware, until now. Whether or not this LockBit variant motivates more threat actors to start targeting Mac endpoints, remains to be seen. 

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.