What You Need to Know About Mac Ransomware

New strains of ransomware often affect many Windows computer systems but rarely affect Macintosh computers. There are some types of ransomware that specifically target Apple's machines. If your company mainly uses Macs, then defending against these threats is important. Here's what you should know about Mac ransomware.

Ransomware is malware that locks up computers until a ransom is paid. It usually demands payment in gift cards or cryptocurrencies like Bitcoin or Ethereum. Phishing emails are used to distribute malware, but they can also be used to spread malware through unsecured network connections.

If Macs get infected by ransomware, users will not be able to use them because they're encrypted. Ransomware messages often threaten to release the information publicly or delete sensitive data if they aren't paid by a specified date. Health care and financial institutions, in particular, are most likely to pay the ransomware because they have a lot of valuable resources, such as money, and cannot afford to lose access to any of their critical information to ransomware threats.

KeRanger ransomware was spread through the popular BitTorrent application Transmission. KeRanger was able to bypass Apple's built-in security mechanisms and install malware on thousands of Macs.

Another strain of Mac Ransomeware called Patcher was discovered in 2017. Ransomware disguised itself as an update for applications like Microsoft Word. When launched, Patched would encrypt files in user folders and require payment in Bitcoin. However, the ransomware was poorly written, so there was no easy method for recovering the encryption key once the ransom had been paid.

In 2019, the EvilQuest ransomware variant encrypted files and tried to trick users into paying a Bitcoin ransom. Like Patcher, however, PatchMe didn't provide any way for people who paid the ransomware to get their decrypted data back.

Ransomware outbreaks of malicious code like this one can occur at any time, so you need to be ready for them.

Preventative measures are the best ways to keep your Macs secure from ransomware and malicious software. You should update your software regularly to protect yourself from the latest security issues and install apps only from the official app store.

Ransomware initially spreads by sending malicious emails containing malware disguised as an attachment or link. Make sure to avoid these types of messages. Be vigilant even if it may appear to be from a reputable business or someone you know.

You must also maintain offline backups and have a disaster recovery plan to keep your business running in the off chance that ransomware successfully infiltrates your systems.

If your Mac is affected by ransomware, don't pay the ransom fee, because there's no guarantee that they'll provide a decryption key for your files even if you pay them.

Instead, use an updated anti-virus program to remove ransomware from computers. If you're infected by ransomware, cybersecurity specialists might also release free decryption tools online. So be sure to check them out. If these programs and resources don't work, stop spreading the ransomware by disconnecting yourself from the network and running recovery procedures, if you've backed up your files in an external hard disk or the cloud.

Mac ransomware attacks aren't common, but they're still a big problem for your business. If you need any further help, please get in touch with us. We stay up to date on the latest Mac malware and how to protect your business from them.