“Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday,” Jim Finkle reports for Reuters. “Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data. Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft Corp’s Windows operating system.”
“Palo Alto Threat Intelligence Director Ryan Olson said the ‘KeRanger’ malware, which appeared on Friday, was the first functioning ransomware attacking Apple’s Mac computers,” Finkle reports. “An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs.”
“The Transmission site offers the open source software that was infected with the ransomware,” Finkle reports. “Transmission is one of the most popular Mac applications used to download software, videos, music and other data through the BitTorrent peer-to-peer information sharing network… The project’s website on Sunday carried a warning saying that version 2.90 of its Mac software had been infected with malware. It advised users to immediately upgrade to version 2.91 of the software, which was available on its website, or delete the malicious one. It also provided technical information on how users could check to see if they were affected.”
Read more in the full article here.
MacDailyNews Note: Transmission’s website (https://www.transmissionbt.com) states:
Everyone running 2.90 on OS X should immediately upgrade to and run 2.92, as they may have downloaded a malware-infected file. This new version will make sure that the “OSX.KeRanger.A” ransomware (more information available here) is correctly removed from your computer.
Users of 2.91 should also immediately upgrade to and run 2.92. Even though 2.91 was never infected, it did not automatically remove the malware-infected file.
[Thanks to MacDailyNews Readers “George” and “Road Warrior” for the heads up.]