Ransomware attacks aren’t just a threat to Windows operating systems — they’re encrypting files on macOS devices and demanding ransom payments for a decryption tool, too.
Cybersecurity researchers at Microsoft Security Threat Intelligence have detailed several ransomware campaigns targeting Apple-based computers and networks — and the methods of attack are very familiar to those used by cyber criminals targeting Microsoft Windows and other operating systems.
In many instances, the initial compromise occurs after the user is tricked into providing access to cyber criminals, such as by opening phishing emails or downloading and then running fake or trojanized applications that install ransomware.
The ransomware can also arrive as a second-stage payload dropped by other malware that has been previously installed on the machine, either by the same cyber criminals or access brokers leasing out access to compromised systems, or uploaded as part of a software supply chain attack, where attackers have managed to compromise a software update.
While most ransomware campaigns target Windows systems, and are likely drawn in by the sheer number of organizations that base their infrastructure on Microsoft Windows, Macs aren’t immune. Ransonmware on Macs isn’t a new phenomenon. But researchers warn the evolution of the attacks on MacOS demonstrate how ransomware isn’t just a threat to one particular operating system.
“Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with