- Nov 10, 2017
Patrick Wardle, the famed cybersecurity researcher specializing in Apple products, has conducted an analysis of a new macOS ransomware named Turtle.
Wardle’s analysis suggests that the Turtle ransomware is currently not sophisticated, but the malware’s existence indicates that cybercriminals continue to show an interest in targeting macOS users.
Versions of the Turtle ransomware appear to have been created for Windows and Linux systems as well.
Several of the vendors on VirusTotal already detect Turtle as a potential threat, which is unusual for a new piece of malware targeting macOS, but may be explained by similarities to the Windows version, for which crowdsourced YARA rules exist.
The malware was developed in Go and, based on strings found in the binary, ‘Turtle’ appears to be the name given by its author.