This Sunday, researchers at Palo Alto Networks Inc have discovered that Apple customers that are using the Transmission BitTorrent Client on their Macintosh PCs have been targeted by a very serious type of malware known as 'ransomware'.
For those of you who don't know, ransomware is a piece of software that encrypts files on the infected devices with a strong algorithm, and demands the users money in exchange for the decryption key, which is by no means a guarantee that you'll get your data back.
There have been quite a few ransomware campaigns targeting Windows PCs in the past, but researchers at Palo Alto Networks believe that the "KeRanger" ransomware is "the first fully functional ransomware seen on the OS X platform".
According to the research firm, "KeRanger " stays inactive for three days, after which it begins encrypting certain types of files, as well as backup data, demanding one bitcoin (or about $400) to a specific address in order to get their files back.
On March 4, the attackers had integrated the ransomware in the installers of the Transmission Bittorrent client version 2.90 by compromising the official website, and signed the files with a valid Mac app development certificate, which has recently been revoked by Apple.
If you've installed Transmission 2.90, you should be greeted by a message like the one above, and it is very important that you download version 2.92. For those of you who want to dive into the technical details, you can find them at this link, along with a step-by-step guide on how to protect yourself in case you downloaded the rogue application.
Source: Palo Alto Networks Research Center via Reuters
14 Comments - Add comment