Menu
F-Secure buys Little Flocker to combat macOS ransomware

F-Secure buys Little Flocker to combat macOS ransomware

Little Flocker enforces low-level access control to files and other sensitive resources like the webcam and microphone

With attacks against Mac users growing in number and sophistication, endpoint security vendor F-Secure has decided to acquire Little Flocker, a macOS application that provides behavior-based protection against ransomware and other malicious programs.

Little Flocker can be used to enforce strict access controls to a Mac's files and directories as well as its webcam, microphone and other resources. It's particularly effective against ransomware, spyware, computer Trojans and other malicious programs that attempt to steal, encrypt or destroy files.

F-Secure plans to integrate Little Flocker, which it calls "the most advanced security technology available for Macs," into its new Xfence technology. Xfence is designed to  add behavioral-based protection to its existing endpoint security products for macOS.

Little Flocker was developed by iOS forensics expert Jonathan Zdziarski. In March, Zdziarski announced that he had accepted a position with Apple’s Security Engineering and Architecture team, which might explain why he decided to sell his project.

While Macs have historically been targeted less than PCs by attackers, that has begun to change in recent years. That's because MacBooks are preferred by many senior-level company executives, developers and other groups of users that are considered high-value targets for both cybercriminal and cyberespionage groups.

Recently leaked documents that allegedly belong to the CIA show that its cyberoperations division has a great interest in MacBooks. The agency has developed low-level firmware implants and espionage software for Apple computers.

Cybercriminals are also targeting Macs. Several Windows Trojan programs  have been ported to macOS and last year also saw the discovery of the first file-encrypting ransomware for the platform.

Little Flocker integrates with macOS at a low level and cannot be easily disabled by malware. It allows users to specify which applications have access to which files or directories. Since it provides real-time protection against unauthorized access to data it can be highly effective at stopping ransomware, which typically attempts to encrypt a large number of files.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AppleF-SecureMacs

Show Comments
[]