Questions? Feedback? powered by Olark live chat software

First sign of Ransomware on Macs

It has been a long standing belief that Mac computers are safe from viruses and malware attacks. For years, it has been the deciding factor for users when purchasing a new computer that Macs are “just safer” because of the low number of threats out there that can affect a Mac computer. With OS X being considered a more secure operating system, and with smaller market share, most hackers choose to write malicious software and viruses for Windows PCs.

 However, for the first time on the Mac platform a fully functional ransomware dubbed KeRanger, has been discovered by the security firm Palo Alto Networks. Ransomware is malicious software that will encrypt the files on your computer and keep it locked until the owner agrees to pay a ransom to the hackers through untraceable bitcoins. The ransom can be set by the hacker, and in this particular instance, the KeRanger virus was reported to be asking for $400 to release an encrypted computer.

The ransomware was discovered last Friday in an app distributed by Transmission, an open source file sharing program, and was downloaded by approximately 6,500 people before Apple was able to shut it down. Apple pulled the developer certificate that had allowed the Transmission software to work and updated the Mac OS X with an anti-malware system to prevent further installations. While 6,500 Macs may have downloaded malicious software, the damage may still remain minimal. Transmission spokesman John Clay presumes, “Of those [6,5000], … many were unable to run the infected file due to Apple quickly revoking the certificate,”.

While no actual infections have been reported, it will be a few days before any of the KeRanger malware shows up. The virus stays hidden for three days before activating and encrypting a user’s data.

It is worth noting that the malware has only been detected in the Transmission app, and it is still unknown if this infection is more widespread and affecting other popular apps. All apps sold through the Mac Apple app store go through a meticulous vetting process that prevents the distribution of such harmful software. This is why you will not find the Transmission file sharing app in the app store. Apple warns users of the security risks associated with programs outside of the Apple approved app store.

If you are worried your system has been infected with malicious software, fill out our Contact form and request a free Infrastructure Assessment. And for the latest news on protecting your Apple products, as well as tips to keep your network safe, sign up for our monthly newsletter.