A Ransomware Discovered on Apple Computers
One of the reasons users of Mac opt for this platform is that it’s not prone to virus and malware. It can get viruses but it’s still safer than a PC because Apple is doing a reasonably good job in patching those bugs and security vulnerabilities.
But, last Friday, about 6,500 people were able to download a ransomware for Apple computers. This type of malicious program infects your computer that can be used to encrypt everything in your computer. The owner of the infected computer can only access his/her Apple computer again after paying a ransom to the hacker, who launched the code.
The ransomware discovered on Friday infected an app that has been distributed by Transmission, which is an open source program used for a file sharing protocol. The owners of an infected Mac would find their data inaccessible or locked up. They were asked to pay one bitcoin to regain their access to their computer.
Apple immediately pulled the developer certificate so the affected app could not be downloaded and installed on a Mac computer. Transmission has released a new version of its app over the weekend and the latest version contained a code that could remove the infection.
In a statement issued by Transmission:
Everyone running 2.90 on OS X should immediately upgrade to and run 2.92, as they may have downloaded a malware-infected file. This new version will make sure that the “OSX.KeRanger.A” ransomware (more information available here) is correctly removed from your computer. Users of 2.91 should also immediately upgrade to and run 2.92. Even though 2.91 was never infected, it did not automatically remove the malware-infected file.
KeRanger
This ransomware’s name is KeRanger and Palo Alto Networks first discovered it. According to the security firm:
On March 4, we detected that the Transmission BitTorrent client installer for OS X was infected with ransomware, just a few hours after installers were initially posted. We have named this Ransomware “KeRanger.” The only previous ransomware for OS X we are aware of is FileCoder, discovered by Kaspersky Lab in 2014. As FileCoder was incomplete at the time of its discovery, we believe KeRanger is the first fully functional ransomware seen on the OS X platform.
Apple computers are considered to be less vulnerable to this type of issue than Windows computers. There are only a few viruses and malicious programs that are written for these computers. In addition to Apple’s more secure OS than Windows’, Apple maintains a smaller market share. As a result, it makes it a less enticing target for hacking. Apple computers only made up 12.8 percent of the market in the US last year.
Actual infections of the said ransomware haven’t been reported yet. However, your Mac may be infected, but you won’t know it by now as it takes three days before it can be activated and start to encrypt your files.
Furthermore, the Transmission file sharing app isn’t available on Mac Apple app store. It’s one of the reasons the app was possible to get infected.
