Apple Shuts Down First Known OS X Ransomware

During the weekend in the first campaign against Macintosh computers, Mac users had their devices hacked by a destructive software known as ransomware.

The cyber threat has been growing fast targeting infected machines by encrypting data, and usually hackers would demand users to pay a ransom through an untraceable currency to retrieve back their data given by an electronic key.

This attempts suggested by security experts where cyber criminals receive an estimate to hundreds of millions of dollars a year. Which users of Microsoft Corp's Windows operating system are their typical target.

Ryan Olson a Palo Alto Threat Intelligence Director, explained that the KeRanger malware attacked Apple's Mac computers making it the first functioning ransomware that appeared on Friday.

Olson said, "This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,"

Hackers aimed on Macs by polluting a copy of a known program called Transmission. Typically used to move data by a BitTorrent peer to peer file sharing network. When the release of Transmission's new version 2.90 came about on Friday, users made the download thus infecting their Macs with ransomware.

A representative of Apple explained that the firm has taken steps during the weekend to assure the prevention of any further infection by invalidating a cyber certificate to enable users to install rogue software onto their Macs.

According to a Transmission forum from its website www.transmissionbt.com that was released on Sunday responded by removing the software version carrying the malicious malware from its content and replacing it with a new version that automatically eliminates the ransomware from its Macs infected computers.

The Transmission website also suggested to its users to install the new version 2.92 update as soon as possible if their infected Macs is still suspected.

The threat intelligence agency in Palo Alto mentioned that the KeRanger program stays quiet for a few days after a computer is infected, then the attacker's server gets linked beginning to penetrate encrypting files so that users cannot get access. After the damage is done, the attacker demands the ransom of 1 bitcoin for about $400.

Olson claimed to those victims with their machines being compromised but not fully cleaned up might start losing data three days after the Transmission site was breached.

Tags
Apple
Real Time Analytics