According to a report in Business Insider, Fortinet discovered a ransomware-as-a-service program called MacRansom on the darknet that may not seem that sophisticated but could cause a lot of damage. The report noted the MacRansom creators claimed to be Yahoo and Facebook engineers who are making the malware available for free due to the fact that lots of people are buying Macs from Apple.
“Unlike most hackers on the darknet, we are professional developers with extensive experience in software development and vast interest in surveillance,” the anonymous authors wrote, according to the report.
While the authors of the code are boasting the ability for it to cause damage, Fortinet analyzed it and said it was “far inferior” to ransomware attacks targeted at Windows machines but warned it could still create havoc.
“It doesn’t fail to encrypt victim’s files or prevent access to important files, thereby causing real damage,” Fortinet said, according to the report.
The security firm advised Mac users to back up their machines and be wary of opening unusual files or clicking on email links. Meanwhile, researchers at AlienVault found more malware created by the same authors, with the malicious code able to read users files. Dubbed MacSpy, it was also advertised on the dark web and claims to provide access to social media accounts and steal the files of unsuspecting victims. The researchers at AlienVault warned that as Macs grow in popularity, there will be more instances when malware is targeted at Mac users.
“While this piece of Mac malware may not be the most stealthy program, it is feature-rich, and it goes to show that as OS X continues to grow in market share and we can expect malware authors to invest greater amounts of time in producing malware for this platform,” AlienVault said, according to the report.