February has been a relatively busy month in the world of Mac malware, and now it has gotten busier with the appearance of the second piece of ransomware ever to affect macOS. Fortunately, this is quite poor ransomware that will only bite those who are doing something wrong in the first place. Nonetheless, it’s good enough to cause your day to go bad in a very big way if you get infected.
This malware, which an update to Apple’s XProtect signatures calls Findzip, was found and described by ESET. According to their report, Findzip has been found on piracy sites masquerading as cracks for Adobe Premier Pro and Microsoft Office, although ESET was careful to point out that there may be other such files out there.
These apps are signed, but with a certificate not issued by Apple, which is unusual. Fortunately, they won’t open by default on a Mac as a result of this.
Full Article
