New Mac Ransomware Found in Pirated Mac Apps

[jakeenzo]

Hackintosh 4ever! Also sandbox drive for risky stuff.
Let's see if non-Intel Macs are actually worth buying. Don't feel like paying $3k for hardware I can get for $1k. Software applies too, especially for stuff I use like once a year. Haters can hate.

Not for long! Bye bye Intel

 

[moulderine]

Do you thing these bad actors are vigilante criminals? Or do you think they may start to try sneak this into applications you download from 3rd party sources (either because the app devs stopped working on the product, or google fu leads to a 3rd party listing appearing higher than the developers site)?

Very short sighted to think this will impact only pirated apps. I buy as little software from the app store as I can and go direct to the developers site. Whilst this virus does not impact me currently, downloading apps for the Mac from outside the app store is the norm and will remain so pre Mac ARM, so do hope they work quickly to fix the vulnerabilities which make this feasible (such as an app installing itself in multiple places - should be an instant red flag).

 

[appahappa]

What? I cannot trust pirates anymore?

 

[mw360]

another reason why you always run "sketchy" software inside a virtual machine

What would be the point of running Little Snitch in a VM?

As this originated from a Russian forum, I thought I should provide my 2 cents as someone with inside perspective. In Russia and many CIS countries, piracy is not only common, it is sometimes the only means to access software at a reasonable price, or even at all. In every household of my extended family whom I've visited (I do not reside in Russia/CIS but most of my extended family is there) and did not set up their computer myself, you will find a pirated copy of Windows. This isn't because most of these people are breaking the law at will, but rather that it's very difficult to find retail copies of Windows in a lot of stores (especially in more rural regions), and due to median incomes being significantly lower than those in the west, many simply can't allow themselves to spend over $100 on a retail copy of Windows. This applies for macs as well, since there is often no way any local provincial store could carry specialized software, and with exchange rates and sanctions being prevalent nowadays, it is most likely even more inaccessible than it would be to a western consumer. In terms of hardware, most people will run machines for significantly longer than what is considered "normal" in the west, by using outdated operating systems (as in running a 7-8 year old machine in daily use) or hackintoshing if they can't afford a mac at all. Piracy allows these people to use important software that they might not be able to access at all. Also, I don't think that it matters whether it's a PC or Mac in whether one is more "wrong" compared to the other. Considering that buying any computer is expensive for most people, they feel that saving money on software will allow them to focus more on hardware which they will be able to use for longer. I feel the issue of software piracy is very polarizing, especially for those who have reliable access and he means to purchase software. I feel that many of us in the west take this for granted, whereas there are many living in places that simply don't have that opportunity. I do not condone piracy, however we need to consider all perspectives before immediately pass judgement.

Bolding mine. Rich or poor make the same excuses for buying the computer but stealing the software. In reality people buy the computer and steal the software because they can steal the software and can't steal the computer. If stealing the software meant mugging someone, or breaking down a door, then they'd spend a little less on the computer so they had money left for the software.

It sucks to not be able to afford Windows, but nobody wants to actually pay for Windows, whether they have a spare $100 or not. For that and many other reasons there's Linux, which would probably be a much better product, if everyone in the world who can't or won't legally get Windows, used it instead.

 

[kwikdeth]

little snitch doesnt even cost that much and provides a very useful utility

 

[Tech198]

Stick to legit apps from legit services and you'll be fine. Also keep an eye to make sure the apps are properly signed.

To have this happen you have to bypass macOS security and allow the non-signed installer run. It's like giving the keys to your house to some questionable person on the street and then being surprised when they take your stuff.

lol. well ... not good.

 

[Onelifenofear]

Irony: An app that helps people who use pirate software is hacked.

 

[CouponPages]

At least these thieves are cheaper than the previous generation of Ransomware.

I've seen RansomWare demands of as much as $4000. Anyone willing to pay $4000 will be attacked again and again.

 

[Fishrrman]

In addition to MalwareBytes:

ObjectiveSee:
RansomWhere?

Objective-See: RansomWhere?

objective-see.com

(ransomware detector for the Mac)

 

[nachodorito]

Everyone is like NO PIRACY. I WILL GO TO EACH HOUSE OF PIRATES AND MURDER THEM ALL. But you don't understand that this is not going on an adult's pc, who has disposable income and stuff, this is probably going to a person like me, a teenager who doesn't have any money and their parents just spent most of their money on an used or refurbished Mac.

For you $45 might not be much, but for a third-world middle class teen its a lot of money.

 

[icanhazmac]

For you $45 might not be much, but for a third-world middle class teen its a lot of money.

So stealing is ok then? Got it.

 

[boss.king]

Everyone is like NO PIRACY. I WILL GO TO EACH HOUSE OF PIRATES AND MURDER THEM ALL. But you don't understand that this is not going on an adult's pc, who has disposable income and stuff, this is probably going to a person like me, a teenager who doesn't have any money and their parents just spent most of their money on an used or refurbished Mac.

For you $45 might not be much, but for a third-world middle class teen its a lot of money.

This isn't a good argument.

Back when I was a teenager I pirated everything under the sun because I loved playing with new software or checking out games I couldn't afford.

Did I need any of it? No. I wanted it and felt like I deserved it. But I didn't deserve it, and neither do you.

For what it's worth, I still consider $45 to be a lot for most software. But if I can't justify the price, I just don't buy it. There are plenty of apps I'd love to have, but don't, and there are almost always free or cheaper alternatives that will mostly do the same job.

"But I'm poor" isn't an excuse to steal. Don't be a scumbag.

 

[cmaier]

Everyone is like NO PIRACY. I WILL GO TO EACH HOUSE OF PIRATES AND MURDER THEM ALL. But you don't understand that this is not going on an adult's pc, who has disposable income and stuff, this is probably going to a person like me, a teenager who doesn't have any money and their parents just spent most of their money on an used or refurbished Mac.

For you $45 might not be much, but for a third-world middle class teen its a lot of money.

Where does the inalienable right to possess things that you can’t afford come from? There are lots of things I can’t afford - i don’t steal them. When i was young i had no disposable income. I didn’t break into my neighbor’s house and steal his bike just because we couldn’t afford one.

 

[Somian]

I'm not sure you understand the situation fully...

I understand where they're coming from.

If Developers wouldn't encourage users to side load Apps and give them Installers that require the admin password, users wouldn't be used to putting the admin password into everything, thus reducing the effectiveness of malware like that.

 

[gallico916]

I love the fact that it came for a pirated "little Snitch" that is a network monitoring tool

 

[brinary001]

in any case, if this happens to you, a 2 step procedure will save the day:
- boot into internet recovery (can't be sure if the on-disk recovery data is compromised)
- reinstall from timecapsule

THIS^^ SO MUCH THIS

I hear time and time again now, that people are ditching their backup drives/Time Machine in favor of cloud backups or, more often, no backups at all... It's hard to still think about hard drives these days I know, especially external ones, but every single computer owner should have a reliable backup drive paired with good backup software, and have it set to back up regularly (everyday if possible) just for this very reason. But it's not just ransomware attacks. Computers are finicky and can still fail. At any time. For any reason. In the unfortunate event that something happens to your machine, at least you can pick up right where you left off!

 

[killawat]

Whilst this virus does not impact me currently, downloading apps for the Mac from outside the app store is the norm and will remain so pre Mac ARM, so do hope they work quickly to fix the vulnerabilities which make this feasible (such as an app installing itself in multiple places - should be an instant red flag).

Wait, what? No vulnerabilities involved in this attack. This isn't a MAS issue, an Apple silicon issue or anything like that. macOS will even tell you its unsigned code and will ask you if you're sure you want to run it. At that point, it has free reign. The installer didn't do anything particularly interesting and is quite boring.
Apple already has guidance for this type of thing

If you try to open an app that isn’t registered with Apple by an identified developer, you get a warning dialog. This doesn’t necessarily mean that something’s wrong with the app. For example, some apps were written before developer ID registration began. However, the app has not been reviewed, and macOS can’t check whether the app has been modified or broken since it was released.

A common way to distribute malware is to take an app and insert harmful code into it, and then redistribute the infected app. So an app that isn’t registered by an unidentified developer might contain harmful code.

The safest approach is to look for a later version of the app from the Mac App Store or look for an alternative app.

 

[4jasontv]

What makes you think you are entitled to have software you can’t afford? I can’t afford a Ferrari, but I don’t break into the dealership and steal one.

I get what you are trying to say... but the developers have no right to restrict how software is run. This idea that you lease software so developers have a right to tell you how it can be used is so morally wrong that it hurts my brain when I hear people use it as a defense for preventing customers from using the software how, where, and when they see fit. When developers sabotage their software with DRM and home-bound calls they force people to seek out modified versions. I'd wager many of the people who get pirated software do so because they can't use the retail version.
[automerge]1593632666[/automerge]

KazaaFreeWarezNakedBrittneySpearsVidz.com

OOOOf. Are you in your late 20's early 30's? I feel like you are dating yourself. If you said Hotline and Madonna I would have guessed late 30's early 40's, and Torrent and Taylor Swift I would have put you in the late-teens early 20's. My mind would have blown if you said Tor and Olivia Newton-John.

 

[T-R-S]

Little Snitch installers from torrent sites have been infected in the past.

 

[chych7]

So, then, you’re only stealing the operating system? Or are you stealing other software too? It’s a little unclear from your confession.

Downloading software without paying for it, yes. Well, Apple doesn't charge for the OS these days.

since you steal software, why not just steal the computer too?

Stop with the false equivalence, pirating is not the same as stealing, and you know exactly the reason. I can pirate software (and movies/TV/etc) from the comfort of my home with little risk of being caught (i.e. use VPN). Not the same as stealing a physical computer or media from a store. If I can't download the software, I'll just use something else/find a workaround; still not paying for it and still not depriving a purchase. By the way I do buy apps/software I think is worth it, and I'll actually use. A lot of software I think is overpriced or not worth it due to me only needing its use very infrequently.

 

[boss.king]

Stop with the false equivalence, pirating is not the same as stealing, and you know exactly the reason. I can pirate software (and movies/TV/etc) from the comfort of my home with little risk of being caught (i.e. use VPN). Not the same as stealing a physical computer or media from a store. If I can't download the software, I'll just use something else/find a workaround; still not paying for it and still not depriving a purchase. By the way I do buy apps/software I think is worth it, and I'll actually use. A lot of software I think is overpriced or not worth it due to me only needing its use very infrequently.

And what makes you the decider of what's worth paying for and what's okay to steal? Just because you only need something once or twice doesn't make it any less expensive to maintain and run. Piracy is stealing whether you use the app once or a thousand times. Don't be a scumbag, support developers for the things you use.

 

[icanhazmac]

Stop with the false equivalence, pirating is not the same as stealing, and you know exactly the reason. I can pirate software (and movies/TV/etc) from the comfort of my home with little risk of being caught (i.e. use VPN).

Pirating is 100% the same as stealing. Thief!
So the chance of getting caught is the only thing that keeps your criminal side in check?

Downloading software without paying for it, yes. Well, Apple doesn't charge for the OS these days.

MacOS is not "free" in that sense, I believe the EULA states that it can only be run on Mac hardware, so you pay for it with the computer, what you are doing is stealing, no other way to put it. Thief!

 

[cmaier]

Stop with the false equivalence, pirating is not the same as stealing, and you know exactly the reason. I can pirate software (and movies/TV/etc) from the comfort of my home with little risk of being caught (i.e. use VPN).

And that, ladies and gentlemen, is the most brilliant essay on ethics since Plato and Aristotle.

He says pirating software is ok, unlike stealing a car, because when you pirate software you won’t get caught.

 

[CarlJ]

Downloading software without paying for it, yes. Well, Apple doesn't charge for the OS these days.

Apple does charge for the OS. The price is, you have to have purchased the Apple device that you’re running it on. If you’re using the OS on hardware not made by Apple, that’s stealing.

 

[villagehiker]

Pretty funny to a get hammered by pirating Little Snitch.