Skip to main content
  1. Home
  2. Computing
  3. News

The biggest cybercriminals on the internet are now targeting Macs

Add as a preferred source on Google

The cybercriminal gang LockBit has now set its sights on Apple products with the development of its first ransomware for Macs, according to 9to5 Mac.

The Security research group MalwareHunterTeam (via Brett Callow) recently discovered that LockBit appears to have developed a ransomware build that is compatible specifically with macOS. The never-before-seen ransomware might be a first for LockBit, as the gang typically develops on Windows, Linux, and virtual host machines, the publication added.

A stack of MacBooks is pictured from the top down.
Image used with permission by copyright holder

The Mac-specific ransomware seems to target Apple Silicon Macs and is listed on the web under the build name locker_Apple_M1_64, according to researchers.

Recommended Videos

Another older Twitter account called vx-underground shows mention of the LockBit ransomware around November 2022, however, MalwareHunterTeam and other researchers note that there seems to be no real indication of the existence of locker_Apple_M1_64 until nowThis current account might be the first public notice that Apple devices are at risk of being affected by ransomware. The research group notes that now that news of the ransomware is out in the open, Macs might be more susceptible to cyberattacks.

LockBit is a notoriously powerful gang on the web, and is known by security analysts as a Russian-based group. Even so, the group leader is believed to operate out of the U.S. or China. The cybercriminal gang is a ransomware-as-a-service (RaaS) operation that allows others to purchase their nefarious products for their own unsavory tasks, 9to5 Mac noted.

Not a single person I can find tweeted LockBit has a Mac targeting version before I did above yesterday, nor can find any blog posts mentioning it, etc. So even if the gang had the first build in 2022 November, for public, this is not late at all, but even yet, seems the first… pic.twitter.com/4iR71cuLpo

— MalwareHunterTeam (@malwrhunterteam) April 16, 2023

The group is already known for its custom ransomware exfiltration tool called StealBIT, and is also known for quickly updating and preparing its infrastructure to keep on top of the cybercriminal food chain, Kaspersky’s Global Research senior security researcher Dmitry Galov said in a statement last year.

Expanding its reach to Apple products might just be an indication of how powerful the ransomware group has become.

Jon DiMaggio from Analyst1 similarly told Wired earlier this year that LockBit’s leader treats the RaaS group very much like a business, with point-and-click access, frequent updates, concern about user feedback, and frequent recruitment from rival gangs to maintain the quality of the ransomware.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
I let Radial menu take over my Mac, and I’m never going back
One mouse jiggle, endless shortcuts. My Mac has never felt this fast.
Radial app running on Mac

I have been testing Radial for the past week, and it's quickly become one of those apps I didn’t know how I could live without. It's a radial menu for macOS that puts your shortcuts, scripts, and automations right where your cursor is, so you never have to go hunting through menus to find what you need.

The app just received its 5.0 update, adding AI actions powered by Claude, window layouts, variables, a redesigned settings interface, a new Atmosphere background effect, and a squircle menu shape. I got to try most of these, and here's what I found.

Read more
Android desktop mode made me miss my laptop in record time
I tried writing and publishing from Google’s phone-to-monitor setup, and the future of mobile computing immediately started sweating.
Computer, Electronics, Laptop

Android 17 desktop mode has a very simple pitch. Plug your phone into a monitor, add a keyboard and mouse, and watch the slab in your pocket pretend to be a computer. I wanted to give that pitch a fair shot, so I tried using it for an actual workday instead of a cute demo.

The goal was boring on purpose: write an article, edit it, build the page in WordPress, upload whatever needed uploading, and publish the thing without running back to my laptop like a coward.

Read more
As AI turbocharges digital abuse, UK agencies urge parents to limit who sees kids’ photos online
The National Crime Agency and Internet Watch Foundation are asking parents to tighten privacy settings as AI-generated abuse material rises.
Social Media

Parents who post pictures of their kids online are being told to rethink the habit. The UK's National Crime Agency and the Internet Watch Foundation have issued new guidance urging families to lock down their social media accounts, warning that publicly shared photos are increasingly being pulled and altered by AI tools to create child sexual abuse material.

The two organizations say most parents have no idea this is happening. Criminals no longer need to contact a child directly to generate such material. They can scrape an ordinary photo and run it through widely available nudify apps.

Read more