• LockBit's new ransomware targeting macOS users was first detected in November 2022
  • A computer security expert said the new malware is still not fully functional
  • DOJ said the LockBit gang had extracted tens of millions of dollars from ransom demands

The notorious hackers behind LockBit ransomware are reportedly developing a new version of malware targeting Apple's macOS users.

Infosec website HackRead reported that MalwareHunterTeam and Vx-Underground spotted the new malware, and it was first detected in Mac devices in November 2022.

Dubbed "locker_Apple_M1_64," experts said this was the first time the malware was specially created for Mac devices, highlighting the LockBit gang's significant development in their tactics.

"Not a single person I can find tweeted LockBit has a Mac targeting version before I did above yesterday, nor can find any blog posts mentioning it, etc.," MalwareHunterTeam said on Twitter.

"So even if the gang had the first build in 2022 November, for public, this is not late at all, but even yet, seems the first," the group added.

The new malware has yet to pose a serious risk to macOS users despite the revelation, Patrick Wardle, a security researcher and founder of Objective-See, claimed.

Wardle argued that the malware sample he analyzed was not signed by a trusted certificate, which means Mac devices won't allow it to run.

Wardle said the new ransomware is still not fully functional since it is riddled with bugs and flaws, causing it to exit prematurely.

The computer security expert added that Apple's Transparency, Consent, and Control (TCC) and other file system protection tools would limit the impact of LockBit's new malware.

According to Kaspersky, LockBit emerged in September 2019 and was initially called "ABCD" ransomware.

Russian cybercriminals designed the ransomware to block user access to digital devices in exchange for a ransom payment.

The hackers behind the ransomware often victimize individuals and organizations capable of paying a hefty ransom and are easily swayed by threats.

Last year, the Department of Justice said that the notorious ransomware had already victimized more than a thousand individuals and groups worldwide, including in the U.S.

"LockBit members have made at least $100 million in ransom demands and have extracted tens of millions of dollars in actual ransom payments from their victims," according to the Justice Department.

In December, LockBit also wreaked havoc on a children's hospital in Canada. The malware attack impacted the internal systems and phone lines of the University of Toronto's Hospital for Sick Children (SickKids), causing delays in retrieving laboratory and imaging results and adding more time to treat some of its patients, according to Wired.

In January, the U.K.'s Royal Mail was attacked by LockBit, causing its international shipping to be suspended. Royal Mail advised its customers not to send new international parcels following the cyberattack.