Malware News New ‘Turtle’ macOS Ransomware Analyzed

CyberTech

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Content source
https://www.securityweek.com/new-turtle-macos-ransomware-analyzed/
Patrick Wardle, the famed cybersecurity researcher specializing in Apple products, has conducted an analysis of a new macOS ransomware named Turtle.

Wardle’s analysis suggests that the Turtle ransomware is currently not sophisticated, but the malware’s existence indicates that cybercriminals continue to show an interest in targeting macOS users.

Versions of the Turtle ransomware appear to have been created for Windows and Linux systems as well.

Several of the vendors on VirusTotal already detect Turtle as a potential threat, which is unusual for a new piece of malware targeting macOS, but may be explained by similarities to the Windows version, for which crowdsourced YARA rules exist.

The malware was developed in Go and, based on strings found in the binary, ‘Turtle’ appears to be the name given by its author.
Click to expand...

The rest
www.securityweek.com

New 'Turtle’ macOS Ransomware Analyzed

New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Apple devices.
www.securityweek.com www.securityweek.com
 
  • Like
  • +Reputation
Reactions: Anthony Qian, Shadowra, Trident and 9 others
ShenguiTurmi

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
128
I would like to make it clear that I wrote this set of tools, but they have not been used in any illegal situation, as my purpose was a research. I wonder how quickly security software vendors will notice a "new" ransomware on a non-mainstream platform.
The best evidence of not being used in illegal scenarios is that I didn't even generate a ransom note.
I uploaded the samples to VirusTotal/MetaDefender/Triage as soon as I finished writing them and reported them to all the security vendors I could contact.
I even prepared a post documenting the process by which they detected it, if you can use web translation.
https://bbs.kafan.cn/thread-2263204-1-1.html
Time to put an end to this farce...
 
  • Like
  • Applause
  • HaHa
Reactions: CyberTech, Dolphiner, Anthony Qian and 4 others

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Malware News New RustDoor macOS malware impersonates Visual Studio update
Replies
0
Views
840
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Lymphocyte
    • Like
Security News LockBit ransomware affiliate gets four years in jail, to pay $860k
Replies
0
Views
719
Security News
Lymphocyte
Lymphocyte
Lymphocyte
    • Like
    • +Reputation
Malware News SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
Replies
1
Views
1,222
Security News
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top