“Ransomware – malware that encrypts your data and then demands a fee to unlock the data – is on the increase,” Adrian Kingsley-Hughes reports for ZDNet. “A former NSA security expert has built a free, generic ransomware blocker for Mac.”
“The utility – called RansomWhere? – has been developed by Patrick Wardle, a former NSA security expert who now leads research at crowdsourced security intelligence firm Synack,” Kingsley-Hughes reports. “False positives are kept to a minimum because RansomWhere? explicitly trusts binaries signed by Apple (but not by Apple developers). It also trusts applications that are already present on the system when it is installed. This is a double-edged feature – on the one hand it helps reduce false positives, but on the other hand if ransomware is already present on the system before RansomWhere? is installed, it may not be detected.”
Kingsley-Hughes reports, “ZDNet has tested this utility and can confirm that it does detect and prevent the KeRanger ransomware from encrypting files.”
Read more in the full article here.
MacDailyNews Take: Reportedly this is thwart-able, so its efficacy is suspect.
Hacker promises to kill Apple Mac ransomware before it becomes a nightmare – April 20, 2016
Good news and bad news as ransomware comes to the Mac – March 17, 2016
Mac ransomware ‘KeRanger’ was ported from Linux, affected less than 7,000 users – March 9, 2016
Mac ransomware attack casts light on a booming shadow industry – March 8, 2016
Why you should stick with the Mac App Store for safer OS X software downloads – March 8, 2016
7 steps to protect yourself from over-hyped Mac ‘ransomware’ threat – March 7, 2016
Mac users targeted in first known OS X ransomware scam – March 6, 2016