: Locky Ransomware - could affect Macs via webpages


krs
Feb 19th, 2016, 04:18 PM
https://nakedsecurity.sophos.com/2016/02/17/locky-ransomware-what-you-need-to-know/

CubaMark
Feb 19th, 2016, 04:50 PM
Can you give more info on this?

I've ready through Ducklin's post a few times now... I see nothing about Macs being affected "by webpages". The only mention of OS X, Linus, etc, if I'm reading that right, is if they're mounted as a network share accessible by an infected Windows machine.

And - I assume - only the files accessible in the share folder would be compromised... yes?

Details?

pm-r
Feb 19th, 2016, 06:05 PM
Didn't notice much for Mac users directly..
'Locky' ransom ware, which infects like Dridex, hits the unlucky

Or
Beware of Microsoft Word document attachments that use macros
'Locky' ransomware, which infects like Dridex, hits the unlucky | Computerworld (http://www.computerworld.com/article/3033941/security/locky-ransomware-which-infects-like-dridex-hits-the-unlucky.html)

krs
Feb 19th, 2016, 07:42 PM
Can you give more info on this?

I've ready through Ducklin's post a few times now... I see nothing about Macs being affected "by webpages". The only mention of OS X, Linus, etc, if I'm reading that right, is if they're mounted as a network share accessible by an infected Windows machine.

And - I assume - only the files accessible in the share folder would be compromised... yes?

Details?

I picked this info up from the German news where I first came across an article on this trojan
Locky: 17000 Windows-Rechner in Deutschland täglich infiziert - SPIEGEL ONLINE (http://www.spiegel.de/netzwelt/gadgets/locky-17000-windows-rechner-in-deutschland-taeglich-infiziert-a-1078318.html)

Very last paragraph talks about picking this up from legitimate websites (runit through google translate)
Then the first English link I posted mentiones OS X.
On top of that macros may be involved.

So I could be totally wrong about the possibility of OS X being compromised but I thought I'd post it to make people aware and get a discussion going.
If there is no chance of a Mac being infected so much the better.

eMacMan
Feb 19th, 2016, 09:04 PM
It has been a very long time since I have had MS Word or Office installed on my computer. The version I had would not play Word Macros which had come across form Windows. As I very vaguely recall it was also possible to disable Macros entirely, which would be an extremely intelligent move for anyone prone to downloading Word (or other Office) documents from unknown sources.

That said if I was faced with a document that demanded Word to open it, I would do so using the online version of Word available through MS OneDrive.