New ransomware targets Apple Mac computers for 1st time - Action News
Home WebMail Tuesday, November 19, 2024, 01:08 PM | Calgary | -3.3°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

New ransomware targets Apple Mac computers for 1st time

For the first time, Mac users are being attacked with a type of malicious software called ransomware. Now more details about its spread are coming to light.

KeRanger malware infected popular Transmission software during a cyberattack on software's developer

A customer uses an iPhone and a Macbook computer at the Genius Bar in the Apple Store at Grand Central Station. Palo Alto Threat Intelligence Director Ryan Olson said the "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers. (Brendan McDermid/Reuters)

The first knownransomwareattack onApple Inc's Mac computers, which was discovered overthe weekend, was downloaded more than 6,000 times before thethreat was contained, according to a developer whose product was
tainted with the malicious software.

Hackers infected Macs with the "KeRanger"ransomwarethrougha tainted copy of Transmission, a popular program for
transferring data through theBitTorrentpeer-to-peer filesharing network.

So-calledransomwareis a type of malicious software thatrestricts access to a computer system in some way and demandsthe user pay a ransom to themalwareoperators to remove therestriction.

KeRanger, which locks data on Macs so users cannot accessit, was downloaded about 6,500 times before Apple and developerswere able to thwart the threat, said John Clay, a representativefor the open-source Transmission project.

That is small compared to the number ofransomwareattackson computers running MicrosoftCorp'sWindows operatingsystem. Cyber security firmSymantecCorpobserved some8.8 million attacks in 2014 alone.

More Mac attacks expected

Still, cyber security experts said they expect to see moreattacks on Macs as the KeRanger hackers and other groups lookfor new ways to infect Mac computers."It's a small number but these things always start small andramp up huge," said Fidelis Cybersecurity threat systems managerJohn Bambenek. "There's a lot of Mac users out there and a lotof money to be made."

Symantec, which sells anti-virus software for Macs, warnedon its blog that "Mac users should not be complacent." The postoffered tips on protecting against ransomware.

Apple CEO Tim Cook looks at a new iMac after a presentation in 2014. An Apple representative said the company had taken steps over the weekend to prevent further infections by revoking a digital certificate that enabled the rogue software to install on Macs. (Robert Galbraith/Reuters)

The Transmission project provided few details about how theattack was launched.

"The normal disk image (was) replaced by the compromisedone" after the project's main server was hacked, said Clay.

He added that "security on the server has since been "increased" and that the group was in "frequent contact" with
Apple as well as Palo Alto Networks, which discovered theransomware on Friday and immediately notified Apple and
Transmission.

An Apple representative said the company quickly took stepsover the weekend to prevent further infections by revoking adigital certificate that enabled the rogue software to installon Macs.

Transmission responded by removing the malicious 2.90version of its software from its website
(www.transmissionbt.com). On Sunday, it released version 2.92,which its website says automatically removes the ransomware frominfected Macs.

Forbes earlier reported on the number of KeRanger downloads,citing Clay.