Mac users are currently being targeted by LockBit.

According to a report from MalwareHunterTeam, what appears to be the first ransomware build designed for macOS has surfaced on the web. While unclear, this could be the first time a large ransomware group like LockBit has targeted Apple devices.

Over the past few years, LockBit has become one of the most powerful ransomware groups. While focusing on Windows, Linux, and virtual server platforms, it appears the organization has developed its first ransomware for Macs.

LockBit is believed by security experts to be a Russian-based organization because most of its members speak Russian. The group is known for its ransomware rental service (RaaS) business model – allowing other organizations to pay to use their ransomware.

Previously, Infosec warned of the appearance of the LockBit ransomware for Macs in November 2022, but to date, MalwareHunterTeam says it has found no mention of it on the internet. With the RaaS approach, security experts warn that a wave of ransomware attacks targeting Apple computers will soon follow.

Experts believe LockBit's rapid growth stems from its business acumen. Speaking to Wired , Jon DiMaggio, a security expert at Analyst1, stated that LockBit created ransomware that anyone could use. The group constantly updates its software, continuously seeks feedback, and prioritizes user experience. LockBit "poachs" members from rival gangs, operating the organization like a business, making it highly attractive to criminals.