Hackers could try to buy a developer's certificate from Apple, which costs $99, to digitally sign the ransomware so Gatekeeper wouldn't stop it. But Wardle said Apple usually quickly revokes certificates that end up in the wrong hands.
Still, the experiments by Marques and Vilaca show how easy it would be for ransomware writers to diversify if they wanted to.
"I'm sure we will see more Mac ransomware," Wardle said.
Sign up for CIO Asia eNewsletters.