Computers and Technology

Home Computers and Technology

Swift-based ransomware targets macOS pirates with false decryption promise

  • LiberalArkie (3635 posts)
    Profile photo of LiberalArkie Donor

    Swift-based ransomware targets macOS pirates with false decryption promise

    New ransomware for the Mac has been discovered by security researchers, with the “poorly coded” malware created in Swift encrypting the user’s files and demanding a payment, without any possibility of decrypting the files even if the ransom is paid.

    Circulating via BitTorrent sites and called “Patcher,” the malware poses as a crack for pirates to get around copy protection and licensing systems used in popular software suites. Researcher Marc-Etienne M.Léveillé found two different fake patchers that used the same code, posing as ways to unlock Microsoft Office for Mac 2016 and Adobe Premiere Pro CC 2017, but suggests there may be more instances of the malware circulating around under different names.

    When extracted from the archive and executed, the malware opens up a window advising users to press the start button to patch the pirated software. If clicked, the ransomware then spreads around a “readme” file to various user directories, before encrypting all other user files using a randomly-generated 25-character key in an archive, and deleting the original files.

    The Readme file explains to the user the files are encrypted, and to pay 0.25 bitcoin to a specific wallet address to unlock them within seven days. While it is claimed files will be decrypted within 24 hours of the random’s payment, another option to pay 0.45 bitcoin is also offered, touting decryption within ten minutes.

    More

    http://appleinsider.com/articles/17/02/22/swift-based-ransomware-targets-macos-pirates-with-false-decryption-promise

    dEEDeeNL likes this

You must be logged in to reply to this topic.