Apple’s Mac Computers Hit by First Ransom Malware

KeRanger Ransomware Targets Mac OS X
Jonny Gawler/Future/REX/Shutterstock

Give us your money, or else: Mac users and their computers aren’t immune from ransom-demanding malware after all, as a first so-called ransomware attack was detected by the security researchers at Palo Alto Networks last week.

Mac owners who installed the Transmission BitTorrent client last Friday or Saturday may have infected their machines with a malware program called KeRanger that may attempt to encrypt some of their personal files. The app then displays a ransom note, asking users to pay around $400 to get access to these files again.

Ransomware attacks like these are nothing new for users of Windows PCs, where a number of similar programs have been attacking users for some time. Ransomware programmers typically hide their tracks by asking to be paid in Bitcoin, their apps are often  hard to detect by antivirus software.

These kinds of attacks do not just hit ordinary users: In February, reports surfaced that a hospital in Los Angeles was forced to pay $17,000 to unlock its patient records after they had been encrypted by ransomware.

KeRanger seems to be the first such kind of malware to specifically target Mac users, and Palo Alto Networks researchers speculated that attackers may have hacked the Transmission website to distribute a version of the app that was infected with the malicious code.

The good news is that Transmission’s developers have since removed the affected files, and that Apple has since revoked a security certificate used for the attack. Due to the quick response, it’s possible that just a few thousand users were affected by this particular attack — but it’s likely not the last time we’re going to hear about OS X ransomware.

Filed Under:

Want to read more articles like this one? SUBSCRIBE TO VARIETY TODAY.
Post A Comment 1

Leave a Reply

1 Comment

Comments are moderated. They may be edited for clarity and reprinting in whole or in part in Variety publications.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

  1. Heny Oneil says:

    My mackeeper AV stopped that ransomware, whew!

More Digital News from Variety

Loading