A new form of crypto-ransomware for macOS is being spread through BitTorrent, security researchers have warned.
The malware known as Patcher, was found by security vendor ESET on BitTorrent peer-to-peer distribution sites.
ESET in its blog details the ransomware termed OSX/Filecoder.E, which is written in Apple’s Swift programming language and distributed via BitTorrent sites. It masquerades as a cracking tool for commercial softwares like Adobe Premiere Pro CC and Microsoft Office for Mac.
Once activated by a user, the malware not only encrypts files in the /Users directory, but also scrambles data on all mounted and network storage it finds in the /Volumes directory.
The ransomware then asks victims for a payment of 0.25 Bitcoin (A$367) for a decryption key. However, Patcher is badly coded and lacks the ability to communicate with a command and control server.
The key that was generated to encrypt the files on users’ computers cannot be sent to the ransomware authors, and they in turn cannot send a decryption key to victims. In other words, paying the ransom will not unlock the files.