Hacker promises to kill Apple Mac ransomware before it becomes a nightmare

“Ransomware has become the scourge of the web in recent months,” Thomas Fox-Brewster reports for Forbes. “But if you own an Apple AAPL +0.57% Mac, there’s much less chance of your PC being infected with ransomware than if you’re a Microsoft MSFT -0.71% user. Only one fully-functional sample has ever been seen — KeRanger, which infected under 7,000 Apple machines.”

“Not only are there only a handful of examples, two of which were developed as research projects rather than genuine cybercriminal tools, but one professional hacker has developed a tool he believes will successfully prevent any current forms of ransomware infecting Mac OS X,” Fox-Brewster reports. “And he believes that as long as criminals aren’t able to hack his tool, future forms of ransomware should be killed before they even have a chance to make a mockery of Apple security.”

“Patrick Wardle, a former NSA staffer who now heads research at bug hunting outfit Synack, created the software, ‘RansomWhere?,’ after researching those few examples of Apple Mac ransomware and determining that anti-virus wasn’t up to snuff when it came to this insidious form of malware,” Fox-Brewster reports. “Wardle admits his tool isn’t perfect and could be circumvented by hackers who can detect RansomWhere? running on a Mac, removing its capabilities or finding a way to avoid detection. Files outside of a users’ home directory are not protected by the tool. Ransomware could, therefore, shift files outside that directory and lock them up. And, as RansomWhere? trusts all Apple-signed files as well as apps already installed on a Mac, it wouldn’t be able to help if the malware can abuse them. ‘I’m hoping all the ransomware authors are high and overlook this [release],’ said Wardle.”

Read more in the full article here.

MacDailyNews Take: Not high enough, it would seem. It’s already been circumvented with just 10 lines of code. See the full article.

Good news and bad news as ransomware comes to the Mac – March 17, 2016
Mac ransomware ‘KeRanger’ was ported from Linux, affected less than 7,000 users – March 9, 2016
Mac ransomware attack casts light on a booming shadow industry – March 8, 2016
Why you should stick with the Mac App Store for safer OS X software downloads – March 8, 2016
7 steps to protect yourself from over-hyped Mac ‘ransomware’ threat – March 7, 2016
Mac users targeted in first known OS X ransomware scam – March 6, 2016

1 Comment

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.