Mac ransomware and how to defeat it

2017March21Apple_CAlthough most ransomware is designed to attack Windows systems, a new strain is targeting Mac computers. Discovered last month, Mac ransomware OSX/Filecoder.E was found by researchers to behave just like any cryptolocker variant. It would encrypt all data until victims paid the cybercriminals. But here’s the catch: There’s no guarantee that the Mac ransomware will release your files after you give in to the attacker’s demands. However, all is not lost. If you follow the tips below, you have a good chance of defeating this malware.

According to ESET security researchers, even though the Filecoder ransomware was written in Apple’s programming language, the malicious code is not as potent or as skillful as other viruses. In fact, it’s so poorly written that hackers never developed a method to retrieve the encryption key once the ransom has been paid.

In any case, whether you’re dealing with Filecoder or some other ransomware, we advise against ever giving in to the hacker’s demands.

Avoid Filecoder
So far, Filecoder isn’t given out via phishing emails like most ransomware; instead, it’s distributed on Torrent sites and goes by the name “Patcher.” Therefore, it’s best to stay away from these highly unregulated (and mostly illegal) websites and stick to trusted app stores like Mac, Microsoft, and Google.

Even if the ransomware is not sent out via phishing campaigns, you should still be careful of any unsolicited emails with strange file attachments in case the malware authors decide to branch out.

Install preventive measures
Like with any other malware, being proactive with your cybersecurity solutions is the best way to defend against Filecoder. Install reliable antivirus software, intrusion prevention systems, firewalls, and update systems whenever possible.

You must also maintain backups and have a disaster recovery plan to keep your business running in the off chance that ransomware or any other cyberattack successfully infiltrated your systems.

Defeat the ransomware
Given the ransomware’s shoddy code, security researchers have found a way to decrypt files without paying. Free cracking tools like PKCRACK can recover Filecoder-encrypted data if you have one original version of the affected files. The recovery process, however, does require some programming knowledge, so contact an IT expert or a managed services provider to unlock the ransomware for you.

Filecoder may not be the strongest malware around, but this could just be the start of Mac-based attacks. To protect your business from the onslaught of cyberattacks, you need security experts. Contact us today.

Published with permission from TechAdvisory.org. Source.

Ready to get more value out of your business IT?

Get in touch today to find out exactly how we can help

Scroll to Top