Thomas Reed from Malwarebytes Labs has published a blog on a new Mac ransomware — the first in four years and only the fourth ever.
“A Twitter user going by the handle @beatsballert messaged me yesterday after learning of an apparently malicious Little Snitch installer available for download on a Russian forum dedicated to sharing torrent links,” he writes. “A post offered a torrent download for Little Snitch, and was soon followed by a number of comments that the download included malware. In fact, we discovered that not only was it malware, but a new Mac ransomware variant spreading via piracy.
Analysis of this installer showed that there was definitely something strange going on.
“To start, the legitimate Little Snitch installer is attractively and professionally packaged, with a well-made custom installer that is properly code signed,” Reed writes. “However, this installer was a simple Apple installer package with a generic icon. Worse, the installer package was pointlessly distributed inside a disk image file.”
Read the entire blog post for details. Malwarebytes makes software designed to stop hackers and malware and clean up an infected machine.