Mac OS is next?! MacSpy, MacRansom Bring Malware-as-a-Service Model

Mac OS is next?! MacSpy, MacRansom Bring Malware-as-a-Service Model

Internet security company found that macOS blackmail MacRansom, and a steal machine information can be spyware MacSpy, show Mac security has been a crisis.

Previously Wanna Cry extortion cause global Windows users headache, although the relevant attacks seem to have come to an end. We here advise Mac users do not careless.


According to network security company Fortinet and AlienVault, MacRansom and MacSpy are now on the Dark Web. MacRansom is the world’s first virus/fault specifically attack the blackmail system, because it is not a completely release to public (Beta version) users must contact the developer to get this software, and once installed to Mac, MacRansom will immediately encrypt the file, and TargetFileKey  in OS X will be tampered , even if the deletion can not decrypt the file. The decryption of ransomware can only be done by paying the 0.25 Bitcoin, which is about RM 3035 to RM 3459. As MacRansom is not widely circulated on the Internet, at current stage should only a few user trapped in the action.

MacSpy belongs to the Malware-as-a-service (Malware-as-a-service) either the free version or the paid version, which can be decryption though payment of Bitcoin. MacSpay and MacRansom may be from the source of  same person or organization.

The Free Version of MacSpy is mainly to intercept the Mac screen, log keystrokes (record the keyboard input), recording and access to photos. While the Paid version of MacSpy will add encrypted files, open e-mail, invasion of the community media account.