Apple users targeted by first known Mac ransomware


A virus which targets Mac users, locking them out of their computers and holding files until a ransom is paid has been detected on Apple devices for the first time.

Hackers have started to infect Macs with the “KeRanger” ransomware which demands users make a one off Bitcoin payment of approximately 15,000 Baht to be given access to their files.

Unwittingly, some Mac users began downloading the the malicious software when they tried to install a BitTorrent program called Transmission.

Once the Mac ransomware has infected a computer, it stays dormant for up to three days before starts to attack files on the device, making documents, videos, photographs and other important file inaccessible until the ransom is paid.

Cyber security firm Palo Alto Networks, which discovered the the KeRanger virus believe it was uploaded on the Transmission BitTorrent site on Friday and with users downloading the torrent software which contains the virus ever since.

Mac Ransomware

This could mean that some Apple users are likely to be unaware the virus has infected their computer and will not have yet received the ransom demands.

“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom”, Ryan Olson from Palo Alto Networks told Reuters.

A spokesperson for Apple has confirmed the company has taken measures which should help prevent further infections by revoking the digital certificate which had enabled the malware to be installed on devices in the first place.

Transmission has also updated its website with a notice urging people to upgrade to the newest version of their software, which in doing so will remove the malware.

Hackers typically use ransomware of this nature to target Microsoft Windows users. However, this is the first time such malware has been found to target Apple users.

Ransomware, which is the fastest growing form of cyber attack is estimated to cost users hundreds of millions of dollars per year in ransoms.

Source: Palo Alto Networks


Comments are closed.