- 04 June | MGP Strategy Series | GS Paper 4 (Ethics) with AIR 7 A.R. Rajah Mohaideen Click Here to register for the session →
- 04 June | GS Advance Program begins from 4th June 2026 | First 2 classes open to all Click Here to register for the event →
- 05 June | MGP Strategy Series | GS Paper 3 Strategy Session with AIR 406 Mannat Luthra Click Here to register for the session
- 06 June | Open Orientation on Essay Guidance Program (EGP 2026) Click Here to register →
- 07 June | Open Orientation for Current Affairs for Mains 2026 Click Here to register →
- 07 June | Sociology Optional Strategy Session with AIR 10 Ujjwal Priyank Click Here to register →
Contents
Source: The post is based on the article “What is LockBit ransomware and how is it specifically targeting Apple computers?” published in The Hindu on 24th April 2023
What is the News?
Reports have emerged that LockBit ransomware was found to be targeting Mac devices.
What is LockBit ransomware?
LockBit ransomware was first reported in 2019. It has been dubbed as the “abcd” virus due to the file extension used when encrypting victims’ files.
It is designed to infiltrate victims’ systems and encrypt important files. The virus is categorized as a “crypto virus” due to its requests for payment in cryptocurrency to decrypt files on the victim’s device.
The ransomware is therefore typically deployed against victims who feel hindered enough by the disruption to pay heavy sums in exchange for access to the files and can afford to do so.
How does LockBit ransomware work?
It works as a self-spreading malware, not requiring additional instructions once it has successfully infiltrated a single device with access to an organizational intranet.
It is also known to hide executable encryption files by disguising them in the .png format, thereby avoiding detection by system defences.
Attackers use phishing tactics and other social engineering methods to impersonate trusted personnel or authorities to lure victims into sharing credentials.
Once it has gained access, the ransomware prepares the system to release its encryption payload across as many devices as possible.
It then disables security programs and other infrastructures that could permit system data recovery. The goal is to ensure that data recovery without assistance from the LockBit gang is impossible.
After this, they leave behind a ransom note, with instructions to restore the system, and has reportedly also included threatening blackmail messages.
Victims are then left with no choice but to contact the LockBit gang and pay up for the data, which the gang may sell on the dark web — whether the ransom is paid or not.
How one can protect systems against LockBit ransomware?
Organizations and individuals can take certain steps to increase resilience against such cyber threats such as:
– Use of strong passwords, with strong variations of special characters which are not easy to guess along with multi-factor authentication should be implemented.
– Undertake training exercises to educate employees on the use of phishing attacks and their identification.
– Old and unused user accounts should be deactivated and closed as they can become weak links in the security apparatus.
– Organizations should have an understanding of cybersecurity threats and vulnerable points that may be exploited by cybercriminals.
