How to recover from ransomware in your Mac

While a vast majority of ransomware that’s been developed targets Windows computers, malware authors have begun to attack Mac devices. Recently, researchers discovered a new ransomware strain, OSX/Filecoder.E, which encrypts Mac files and keeps them locked even after the victims have paid the ransom. But don’t worry, there is still hope if you follow the security advice below.

According to ESET security researchers, even though the Filecoder ransomware was written in Apple’s programming language, the malicious code is not as potent or as skillful as other viruses. In fact, it’s so poorly written that hackers never developed a method to retrieve the encryption key once the ransom has been paid.

In any case, whether you’re dealing with Filecoder or some other ransomware, we advise against ever giving in to the hacker’s demands.

Avoid Filecoder
So far, Filecoder isn’t given out via phishing emails like most ransomware; instead, it’s distributed on Torrent sites and goes by the name “Patcher.” Therefore, it’s best to stay away from these highly unregulated (and mostly illegal) websites and stick to trusted app stores like Mac, Microsoft, and Google.

Even if the ransomware is not sent out via phishing campaigns, you should still be careful of any unsolicited emails with strange file attachments in case the malware authors decide to branch out.

Install preventive measures
Like with any other malware, being proactive with your cybersecurity solutions is the best way to defend against Filecoder. Install reliable antivirus software, intrusion prevention systems, firewalls, and update systems whenever possible.

You must also maintain backups and have a disaster recovery plan to keep your business running in the off chance that ransomware or any other cyberattack successfully infiltrated your systems.

Defeat the ransomware
Given the ransomware’s shoddy code, security researchers have found a way to decrypt files without paying. Free cracking tools like PKCRACK can recover Filecoder-encrypted data if you have one original version of the affected files. The recovery process, however, does require some programming knowledge, so contact an IT expert or a managed services provider to unlock the ransomware for you.

Filecoder may not be the strongest malware around, but this could just be the start of Mac-based attacks. To protect your business from the onslaught of cyberattacks, you need security experts. Contact us today.