Until now ransomware was targeting Windows and Linux users but now it’s time for Apple users to feel the taste

The ongoing battle about encryption engulfing Apple has reached a whole new level as Apple users of the Macintosh computers were hacked over the weekend using software known as ransomware. The attempt is the first of its kind against the Macintosh computers, researchers with Palo Alto Networks revealed.

New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer

Ransomware, a form of cyber threat that is used by hackers, encrypts data on infected machines, and then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can get hold of their data again.
ransom-malware-targets-apple-users-for-first-time-3

The software is growing faster as it makes easy cash for hackers who get paid instantly by people willing to get hold of their data and estimates suggest that these ransoms total millions of dollars a year from such covert operations. The ransomware software was typically used against users of Microsoft’s Windows operating system has now jumped ship and gone over to the Apple controlled Macintosh computers.

The malware dubbed “KeRanger” malware, had first appeared on Friday the 4th of March according to Ryan Olson a threat intelligence director at Palo Alto. He also said this was the first functioning ransomware which had attacked Apple’s computers. An Apple representative said the company had taken measures against the malware by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macintosh. No other further details could be provided when asked for more.

The malware which usually sits for a while on the infected computer without doing anything is programmed to encrypt the files on the infected computer three days after the first infection. Thus, if Apple’s measures to neutralise the malware fail then the first victims of file encryption will be seen on Monday which is exactly three days after the malicious program appeared.

Palo Alto planned to release a helpful blog for Macintosh users to help and advise them on ways to check and see if they were infected with the malware and how to get it away from harming their data and protection against it.

The Transmission site which offers the open source software that was infected by the ransomware is an application used for Bit Torrent peer to peer information sharing of videos, music and another data is one of the most popular Macintosh applications.


ransom-malware-targets-apple-users-for-first-time
KeRanger hosted in Transmission’s website

Representatives were unavailable for comment but they did, however, post a warning message on Sunday saying the current version 2.90 of its Mac software was compromised with malware and that it  advised users to quickly either upgrade to the new version 2.91 or delete the malicious one altogether. It also provided information to check if they were affected.

Ali Raza

Ali is a freelance journalist, having 5 years of experience in web journalism and marketing. He contributes to various online publications. With a master degree, now he combines his passions for writing about internet security and technology. When he is not working, he loves traveling and playing games.