This article is more than 1 year old

Mac ransomware author is giving away malicious code to script kiddies

Ringleader passes 30 per cent of earnings to their stooges

Security researchers have discovered a ransomware variant that targets Macs rather than Windows PCs.

Although technically inferior to most current ransomware targeting Windows, it still encrypts or prevents access to victim's files, thereby causing real damage, according to researchers at Fortinet.

MacRansom uses symmetric encryption with a hard-coded key to hijack files on compromised Macs. The ransomware only encrypts a maximum of 128 files, according to Fortinet's analysis.

The malware is being offered through a ransomware-as-a-service delivery model so even the relatively clueless can try making money with the nasty. No coding experience is needed. Would-be crooks can contact the author and obtain malicious code through a portal on the dark net, Fortinet discovered.

The ransomware demands 0.25 bitcoin (around $700) for decryption keys. The author remits 30 per cent to the Bitcoin address of his script kiddie accomplices once he's been paid. The role of the script kiddie is restricted to distributing the nasty using booby-trapped emails or direct installation. The author discourages drive-by download attacks or other approaches that involve uploading customised versions of the nasty to cleartext websites. ®

More about


Send us news

Other stories you might like