Apple users have been\u00a0targeted by cyber criminals in a ransomware attack, dubbed KeRanger, against Mac computers.<\/p>\n
Palo Alto Networks said it\u00a0detected that the Transmission BitTorrent installer for OS X was infected with ransomware on 4 March.<\/p>\n
\u201cThe only previous ransomware for OS X we are aware of is FileCoder, discovered by Kaspersky Lab in 2014,\u201d the company said,<\/p>\n
\u201cAs FileCoder was incomplete at the time of its discovery, we believe KeRanger is the first fully-functional ransomware seen on the OS X platform.\u201d<\/p>\n
The KeRanger application was signed with a valid Mac app development certificate, allowing it to bypass Apple\u2019s Gatekeeper protection.<\/p>\n
If a user installs the infected app, an embedded executable file is run on the system.<\/p>\n
KeRanger then waits for three days before connecting with command and control servers over the Tor anonymizer network.<\/p>\n
The malware then begins encrypting certain types of document and data files on the system.<\/p>\n
After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to retrieve their files.<\/p>\n
KeRanger appears to still be under development. It also seems that the malware attempts to encrypt Time Machine files to prevent victims from recovering their backup data.<\/p>\n
Details on\u00a0how to protect yourself against the malware are\u00a0available on the Palo Alto Networks website<\/a><\/strong>.<\/p>\n Google\u2019s Project Shield: protecting news sites against DDoS attacks<\/a><\/strong><\/p>\nMore on security<\/h3>\n