Novel Turtle ransomware targets macOS devices
Apple's macOS devices are being targeted by the new Turtle ransomware strain, which also has versions targeted at Windows and Linux systems, reports SecurityWeek.
Based on the Go programming language, Turtle ransomware, which has been designed to facilitate file encryption, has already been noted as a threat by numerous vendors on VirusTotal, a report from Apple-focused cybersecurity researcher Patrick Wardle. However, Wardle noted that the threat of the new ransomware is not severe as the malicious file that lacked Apple notarization could be averted by Gatekeeper. Decrypting files compromised by Turtle ransomware was also easy. "Of course it goes without saying, having your files ransomed sucks! But good news, in this case, the average macOS user is unlikely to be impacted by this macOS sample. Still, the fact that ransomware authors have set their sights on macOS, should give us pause for concern and also catalyze conversions about detecting and preventing this (and future) samples in the first place!" Wardle said.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.