Apple shuts down the first live ransomware targeting Mac users | HT Tech

Apple shuts down the first live ransomware targeting Mac users

Mac ransomware which was found within a legitimate BitTorrent application called Transmission has now been shut down

By:REUTERS
| Updated on: Mar 08 2016, 16:15 IST
image caption
Mac ransomware which was found within a legitimate BitTorrent application called Transmission has now been shut down (Reuters)
image caption
Mac ransomware which was found within a legitimate BitTorrent application called Transmission has now been shut down (Reuters)

The first known ransomware attack on Apple Mac computers, which was discovered over the weekend, was downloaded more than 6,000 times before the threat was contained, according to a developer whose product was tainted with the malicious software.

Hackers infected Macs with the "KeRanger" ransomware through a tainted copy of Transmission, a popular program for transferring data through the BitTorrent peer-to-peer file sharing network.

So-called ransomware is a type of malicious software that restricts access to a computer system in some way and demands the user pay a ransom to the malware operators to remove the restriction.

KeRanger, which locks data on Macs so users cannot access it, was downloaded about 6,500 times before Apple and developers were able to thwart the threat, said John Clay, a representative for the open-source Transmission project.

That is small compared to the number of ransomware attacks on computers running Microsoft Corp's Windows operating system. Cyber security firm Symantec Corp observed some 8.8 million attacks in 2014 alone.

Still, cyber security experts said they expect to see more attacks on Macs as the KeRanger hackers and other groups look for new ways to infect Mac computers.

"It's a small number but these things always start small and ramp up huge," said Fidelis Cybersecurity threat systems manager John Bambenek. "There's a lot of Mac users out there and a lot of money to be made."

Symantec, which sells anti-virus software for Macs, warned on its blog that "Mac users should not be complacent." The post offered tips on protecting against ransomware. (symc.ly/1puolix)

The Transmission project provided few details about how the attack was launched.

"The normal disk image (was) replaced by the compromised one" after the project's main server was hacked, said Clay.

He added that "security on the server has since been increased" and that the group was in "frequent contact" with Apple as well as Palo Alto Networks, which discovered the ransomware on Friday and immediately notified Apple and Transmission.

Read more: Apple finally releases a fix for the Error 53 bug

An Apple representative said the company quickly took steps over the weekend to prevent further infections by revoking a digital certificate that enabled the rogue software to install on Macs.

Transmission responded by removing the malicious 2.90 version of its software from its website (www.transmissionbt.com). On Sunday, it released version 2.92, which its website says automatically removes the ransomware from infected Macs.

Read more: Apple acknowledges 1970 date bug, says a fix coming with the next update

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 08 Mar, 16:05 IST
NEXT ARTICLE BEGINS