Apple users targeted in ransomware attack

Apple users have been targeted by cyber criminals in a ransomware attack against Mac computers.

March 7, 2016

Apple users have been targeted by cyber criminals in a ransomware attack, dubbed KeRanger, against Mac computers.

Palo Alto Networks said it detected on 4 March that the Transmission BitTorrent installer for OS X was infected with ransomware.

“The only previous ransomware for OS X we are aware of is FileCoder, discovered by Kaspersky Lab in 2014,” the company said.

“As FileCoder was incomplete at the time of its discovery, we believe KeRanger is the first fully-functional ransomware seen on the OS X platform.”

How KeRanger works

The KeRanger application was signed with a valid Mac app development certificate, allowing it to bypass Apple’s Gatekeeper protection.

If a user installs the infected app, an embedded executable file is run on the system.

KeRanger then waits for three days before connecting with command and control servers over the Tor anonymizer network.

The malware then begins encrypting certain types of document and data files on the system.

After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to retrieve their files.

KeRanger appears to still be under development. It also seems that the malware attempts to encrypt Time Machine files to prevent victims from recovering their backup data.

Details on how to protect yourself against the malware are available on the Palo Alto Networks website.
