• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

First ransomware targeting Mac users halted

Updated on Mar 7, 2016 by Guest Authors

The very first ransomware designed to target users of Mac computer has been busted over the weekend with close coordination between Apple Inc. and Palo Alto Networks.

Security researchers found that the file-encrypting malware was seeded inside Transmission, a legitimate Bitcoin application used by many Mac users. However, it was unclear how the attackers succeeded in uploading a tampered Transmission version to the application’s website.

This is the first time that Mac users were targeted by a ransomware attack. It usually focuses on Windows users. Attackers have grown interested in Mac as well as in Windows, though Apple’s the desktop computing market share is relatively smaller than Windows.

ransomware-mac-transmission

As we know it, ransomware targets its victims by encrypting their computer and files contained in it before asking the victims to pay a ransom in Bitcoin in order to recover their files and computer access through a decryption key.

The ransomware, called KeRanger, appears to affect Mac users who are using the 2.90 version of the Bitcoin application. It would tremendously help if Mac users upgrade their Transmission software to the 2.92 version, Transmission said in an advisory published on its website. KeRanger is configured to connect to a remote command-and-control server three days after it is seeded in a Mac computer. It works to encrypt more than 300 file types, asking 1 Bitcoin for ransom, which is equivalent to $404.

Attackers have been in the habit of compromising legitimate applications such as Transmission, so the attack, though first in its attempt at targeting the Mac ecosystem, does not come as a surprise.

The tampered version of Transmission appeared to be a legit app because it was signed with an Apple developer’s certificate, which helps to bypass Apple’s Gatekeeper. It means the victims are not able to receive a warning that the application is harmful because a Mac user’s security settings automatically allow applications to be downloaded from identified Apple developers.

Apple was quick to revoke the certificate for Transmission following advisory from Palo Alto Networks and went on to update its antivirus engine called XProtect.

Ransomware threats are not immediately detected by ordinary antivirus software products as this scheme constantly updates in order to circumvent detection methods provided by security vendors. The best way to counter ransomware attacks is to back your files up in an isolated system so that it is inaccessible to attacks once your computer is infected. An even more serious danger arises when a ransomware is able to target your backup drive, such as the case with Apple’s Time Machine.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

bonoch Nursery Bundle Review – Innovative Smart Baby Monitor and OK-to-Wake Clock

SwitchBot Lock Review – Perfect Smart Lock for Renters

Laifen Swift Hair Dryer Review – How Is It The Perfect Dyson Supersonic Alternative?

SwitchBot Curtain Smart Electric Motor Review – The Upgraded Version

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • bonoch Nursery Bundle Review – Innovative Smart Baby Monitor and OK-to-Wake Clock
  • How to Spoof Location on iPhone without Jailbreak?
  • Premiere of the Demo of “EVOLUTION”, Tencent’s First Native Cloud Game, Leading Us to Set Off to the Real World Together
  • VANKYO Leisure 495W and Leisure 470 Pro Projector – New Full-HD Projector Series

Copyright © 2022 · All Rights Reserved