Filecoder Ransomware for MacOS Pretends to Be Software Crack - How to, Technology and PC Security Forum |

Filecoder Ransomware for MacOS Pretends to Be Software Crack

A virus, named Filecoder by researchers has appeared and has begun to infect macOS users, according to ESET experts. The malware uses fake cracks and patches for unlicensed versions of Adobe Premiere Pro as well as Microsoft Office for macOS. It was also detected on multiple torrent download websites.

Filecoder Infects via .ZIP Files

Reports indicate that this malicious software is spread in a bundled kit of applications that are software patches to make unlicensed software licensed. If the fake patch is opened, the victims receive instructions to click on a “Start” button which only pretends to patch the software, but instead causes the inevitable encryption in a hidden process.

The Filecoder virus then creates a unique string that encrypts files which are located in the /Users directory and any external devices and storage in the cloud.

The ransom note of this malware demands the victims to pay a hefty 0.25 BTC to a BitCoin address and then wait for the files to be decrypted by the cyber-criminals.

The Worse News

Even though it is promised to wait for decryption to take place, the Filecoder ransomware is not able to establish active communication with it’s command and control servers, which means that it doesn’t send any encryption keys, making decryption rather impossible.

What is even worse is that the decryption key itself cannot be cracked by the brute-forcing method, because it is too long in size.

At this point, there are no reports of victims paying the ransom and it is highly advisable to not pay anything and look for alternative to get the data back, even though the encryption of this virus is very sophisticated.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.