top of page

LockBit Ransomware Crew Develops macOS Payload

It seems like LockBit ransomware has found its way to macOS devices. This ransomware has been active since late 2019 and has been linked to Russia. This is the first time that a big-game ransomware crew has created a macOS-based payload, according to MalwareHunterTeam. The new macOS version of LockBit is still a work in progress and is signed with an invalid signature. This means that Apple's Gatekeeper protections will prevent it from being run. The payload for this ransomware includes files like autorun.inf and ntuser.dat.log, which suggests that the ransomware was originally designed to target Windows devices. Even though this ransomware is still in development for macOS, it is important to be aware of its existence and be cautious of any suspicious activity on your device.


bottom of page