“New research suggests that a strain of ransomware which affected Mac computers this month may have been less threatening than it initially appeared,” Sean Sposito reports for The San Francisco Chronicle. “The attack, detected March 4, was limited to roughly 6,500 laptops and desktops whose users downloaded an update to Transmission, a file-sharing application.”
“Fully functional ransomware had never affected OS X, the operating system Macs run on. Researchers at Palo Alto Networks, who first detected it, dubbed the ransomware KeRanger,” Sposito reports. “Ransomware can make its way onto people’s machines through downloads — which KeRanger used — as well as phishing emails and infected banner ads on websites.”
“KeRanger has a basic flaw which makes it easy for experts to defeat the malware’s encryption and restore files. The key used to encode and decode a victim’s files is derived from a timestamp, or the exact moment that those files were maliciously encrypted, said Botezatu,” Sposito reports. “”That’s the good news. The bad news is that the next developer of ransomware may not make the same mistake.”
Read more in the full article here.
MacDailyNews Take: Beware phishing attempts and consider limiting downloads to the Mac App Store if possible.
Mac ransomware ‘KeRanger’ was ported from Linux, affected less than 7,000 users – March 9, 2016
Mac ransomware attack casts light on a booming shadow industry – March 8, 2016
Why you should stick with the Mac App Store for safer OS X software downloads – March 8, 2016
7 steps to protect yourself from over-hyped Mac ‘ransomware’ threat – March 7, 2016
Mac users targeted in first known OS X ransomware scam – March 6, 2016