'Ransomware' Hits Apple for First Time
KeRanger spread through torrenting software
By Rob Quinn,  Newser Staff
Posted Mar 7, 2016 4:14 AM CST
A New York police officer stands outside the Apple Store on Fifth Avenue while monitoring a demonstration.   (AP Photo/Julie Jacobson, File)

(Newser) – Apple users are no longer immune to the "ransomware" that has attacked PC users in recent years, locking their files or freezing their computers and demanding payment. Security researchers say a tainted version of a torrenting program called Transmission appears to have spread the "KeRanger" malware to Mac users over the weekend. "This is the first one in the wild that is definitely functional, encrypts your files, and seeks a ransom," the threat intelligence director at Palo Alto Networks tells Reuters. Researchers say that KeRanger is silent for the first few days that a computer is infected and then encrypts files, demanding one bitcoin—around $400—to retrieve them, CNET reports.

Palo Alto Networks, which first spotted the problem, says on its website that users who downloaded the Transmission installer from the official website between 11:00am PST on March 4 and 7:00pm PST on March 5 are definitely at risk of KeRanger infection, while those who downloaded the program earlier from third-party websites may also be at risk. The group notes that KeRanger appears to be a work still in progress, with functions still under development, including the capacity to stop victims from using Time Machine to recover files attacked by the malware. (A Hollywood hospital coughed up $17,000 when its systems were infected by ransomware.)
 

My Take on This Story
Show results without voting  |  
20%
11%
18%
5%
42%
4%