First Apple OS X ransomware found in Mac torrent app

Apple Mac

Macs have long been regarded as untouchable when it comes to security concerns, with most attacks centered on PCs. However, this belief took a dramatic turn recently when OS X users were hit by the first case of ransomware to bypass the company’s stringent defense system.

Security research firm Palo Alto Networks says the KeRanger ransomware wormed its way into Macs through popular torrent software Transmission. Given that the platform is an open-source project, it’s possible the malware compromised the tool’s website and replaced the clean version with its own infected one.

Users who had downloaded version 2.90 of the program between March 4 and 5 are at risk of getting affected. Ransomware typically lie low for 3 days, after which it locks down the hard drive and demands a ransom in exchange for allowing access to data. KeRanger apparently asks victims to pay one bitcoin (around $400).

Also Read: Apple’s new smaller iPad Pro will sport an iPhone 6S camera

Even more worryingly, the malware is still under active development and looking to encrypt Time Machine backup files to prevent targets from recovering their information. Both Apple and Transmission have taken steps to safeguard consumers after the two were informed about the security issue.

Apple has revoked the KeRanger application’s development certificate so it can’t get past the brand’s Gatekeeper protection now. It’s also updated its XProtect antivirus software. Transmission has pulled the compromised variant from its website and is urgently asking users to download the latest version of the app.

You can head over to Palo Alto Networks’ blog to check if you’re one of the unlucky few to get hit by the ransomware. If you are, then it’s recommended you delete the files immediately.