Six Colors
Six Colors

by Jason Snell & Dan Moren

Support this Site

Become a Six Colors member and get access to an exclusive weekly podcast, community, newsletter and more.

By Jason Snell

New Mac ransomware spreading via piracy

Thomas Reed at Malwarebytes reports on some new Mac ransomware and how it works:

A Twitter user going by the handle @beatsballert messaged me yesterday after learning of an apparently malicious Little Snitch1 installer available for download on a Russian forum dedicated to sharing torrent links. A post offered a torrent download for Little Snitch, and was soon followed by a number of comments that the download included malware. In fact, we discovered that not only was it malware, but a new Mac ransomware variant spreading via piracy.

I’ve been critical of Reed and Malwarebytes before, but this sort of research is truly vital to the health of the Mac platform. And if you’ve ever wondered about how malware tries to do its thing, Reed’s article is fascinating. (And no, you don’t have to buy Malwarebytes to use it to remove malware.)

Reed’s conclusion:

The best way of avoiding the consequences of ransomware is to maintain a good set of backups…. If you have good backups, ransomware is no threat to you. At worst, you can simply erase the hard drive and restore from a clean backup. Plus, those backups also protect you against things like drive failure, theft, destruction of your device, etc.

Co-signed. Backups are vital. You should have them, on-site and off.

But, y’know, not downloading pirated software is also a really great way to avoid malware.


  1. Oh, the irony of a pirated copy of Little Snitch — an app used to monitor your network connection that can be invaluable in discovering unauthorized data leakage from your Mac! — being used to cloak malware.