cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram

LockBit ransomware is evolving: Apple and ARM devices in the crosshairs

Security researchers have uncovered what appears to be an iteration in LockBit ransomware capabilities, suggesting the group is looking at targeting a range of hardware architectures in the near future.

user icon David Hollingworth
Fri, 23 Jun 2023
expand image

Kaspersky’s Securelist revealed that they recently “stumbled” upon a collection of .ZIP files containing samples of the ransomware coded for a wide range of non-typical hardware architectures. Apple M1, ARM v6, ARM v7, and FreeBSD all have new, dedicated versions, among others.

Upon analysing the code of each sample, the researchers found a significant overlap with a previous Linux-based version of the ransomware. However, the macOS sample was unsigned, meaning it could be run, and the encryption method was effectively missing. The code is very likely in a testing phase at the moment.

“Nevertheless, our findings suggest that LockBit will target more platforms in the wild in the (near) future,” Kaspersky’s researchers said in a blog post.

The news comes as Apple has announced its own passkey system for both macOS and iOS.

The introduction of passkeys to iOS 17, iPadOS 17, and macOS Sonoma will allow users to log on without using a password, instead relying on touch or facial ID alongside the user’s Apple ID.

“A passkey is a cryptographic entity that’s not visible to you, and it’s used in place of a password,” Apple said on a support page. “A passkey consists of a key pair, which — compared to a password — profoundly improves security. One key is public, registered with the website or app you’re using. The other key is private, held only by your devices.”

“Through the use of powerful, industry-standard cryptography techniques, this key pair helps ensure a strong, private relationship between your devices and the website or app.”

You can learn more about Apple’s new passkeys here.

Comments powered by CComment

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.