Mac Ransomware Coming

mac-ransomware-for-sale-on-dark-web-screenshot
Image from Fortinet.com

Mac Ransomware Coming: a reader asks…

I’ve been reading about ransomware and how big it’s getting. I have a 2015 Macbook Pro running MacOS Sierra and I keep it up-to-date. I don’t use any software not in the Mac App Store. Do I need to be worried or am I still safe?

While Mac users have been largely immune to computer viruses, malware and other threats, the immunity has never been 100%, and it’s starting to wear off. More and more hackers are targeting Mac users with various threats, including ransomware. Security researcher Fortinet recently discovered ransomware for Macs being offered on the Dark Web (see this article).

Advertisement

So the short answer is that you need to start thinking about how you use your Mac on a day-to-day basis. Do you use a standard account or an administrative account? Hint, the former is safer. Do you click on file attachments in email, click on hyperlinks in email or on websites, or open/run files downloaded from the internet? Hint, all are possible ways for ransomware to lock up your files.

infected-mac-screenshot
Image from Fortinet.com

It’s very possible that one day soon someone will release this or another Mac ransomware variant into the wild. Often these attacks are not very sophisticated, consisting of a spam email with a file attachment. Therefore, fairly easy to avoid. But hackers are getting better and better, using creativity to find ways around your defenses. One example would be to sneak a website ad into the ad-placing network, an ad that has a ransomware payload. Anyone clicking on the ad could find their computer’s files encrypted. Another would be to hack into and infect a popular website – anyone visiting that website could get the ransomware.

Using a standard Mac user account for your daily use will go a long way towards protecting you from such attack vectors. That’s because a standard account can’t run executable files that aren’t already registered in the Mac without asking for an administrator password. Go the rest of the way, and be very wary about providing that administrator password. Make sure you know what you’re doing when you give permission for a program or file to run.

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek
(@PosiTek)

Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net
(Support@PosiTek.net)

Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required)
(using any credit card)

or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.