Make us your home page
Instagram

This devastating type of malware has basically ignored Mac users — until now

Apple has a reputation for building more secure operating systems than its rivals. But it looks like the company's products aren't totally immune to a devastating type of digital attack that basically takes computers hostage.

Last weekend, researchers at Palo Alto Networks, based in Santa Clara, Calif., said that they had uncovered "the first fully functional ransomware" for Apple's OS X platform.

Once ransomware — a type of malicious software — infects a computer, it encrypts the files stored on the machine using a digital key the owner doesn't know, making the computer unusable. Then the malware pops up with a notification that asks victims to pay off the attackers in bitcoins or some other hard-to-track digital currency to get the key to unlock their data.

It's almost like kidnapping, but for the digital life you store on your computer. And unfortunately, it has been on the rise in recent years, even hitting hospitals and police departments. But until now, ransomware had basically left Mac users alone.

The ransomware discovered and dubbed "KeRanger" by Palo Alto spread through a download of a popular open-source program called Transmission, which helps users share files online, according to a blog post Palo Alto published Sunday. Some users were infected after downloading the installer for version 2.90 of the software from the project's website when it was released Friday, the cybersecurity firm said.

The malware is programmed to lay low for three days after being installed, but then start encrypting files on the computer, according to the blog post.

Once all the files are encrypted, the malware will demand a ransom of 1 bitcoin — roughly $400 — the blog post said.

The ransomware was able to avoid triggering some of Apple's security measures because it was signed with a valid Mac app development certificate, a bit of code meant to signal that a program is legitimate.

"Apple has since revoked the abused certificate" and updated its XProtect antivirus program to block the malware, Palo Alto said, which Apple also confirmed to the Washington Post.

Transmission's developers removed the offending version of the program from its website and issued a warning there. It also released an updated version of the software that actively attempts to remove the ransomware.

A member of Transmission's development team said that their best guess is that roughly 6,500 copies of the malicious software were downloaded, but they think Apple's quick action likely prevented many of them from actually infecting users.

This devastating type of malware has basically ignored Mac users — until now 03/08/16 [Last modified: Tuesday, March 8, 2016 8:07pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Washington Post.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. Unemployment claims double in Florida after Hurricane Irma

    Business

    The number of Americans seeking unemployment benefits dropped by 23,000 last week to 259,000 as the economic impact of Hurricane Harvey began to fade.

    Homes destroyed by Hurricane Irma on Big Pine Key last week. Hurricane Irma continued to have an impact on the job market in Florida, where unemployment claims more than doubled from the previous week.
[The New York Times file photo]
  2. Calling it a 'dangerous precedent,' Tampa chamber opposes city tax increase

    Retail

    TAMPA — Calling the possibility a "dangerous precedent," the Greater Tampa Chamber of Commerce on Thursday took the rare step of opposing City Hall's proposal to raise Tampa's property tax rate because of its impact on business.

    The Greater Tampa Chamber of Commerce voted against supporting a city tax hike on commercial property. Pictured is Bob Rohrlack, CEO of the chamber. | [Times file photo]
  3. Did Hurricane Irma speed the end of Florida orange juice?

    Agriculture

    Hurricane Irma plundered Florida's orange belt, leaving a trail of uprooted trees, downed fruit and flooded groves worse than anything growers say they have seen in more than 20 years.

    A large number of oranges lie on the ground at the Story Grove orange grove in the wake of Hurricane Irma on Sept. 13, 2017, in Lake Wales. [Photo by Brian Blanco | Getty Images]
  4. St. Petersburg's newest hotel opens with craft beers, cocktails and Cozy Corners

    Real Estate

    ST. PETERSBURG — Last spring, Ryan Tarrant applied for a job with the new Hyatt Place nearing completion in downtown St. Petersburg. Among the questions an interviewer asked:

    What does this hotel need to succeed?

    Hybar, a bar area with outdoor seating  that will feature craft drinks and Sunday brunch starting Oct. 1, is ready to open at the new Hyatt Place hotel at  25 2nd St. N in downtown St. Petersburg. [SCOTT KEELER   |   Times]
  5. Culver's crosses into Brandon near Selmon Expressway

    Business

    BRANDON — Like many children, Theresa Hutchins recalls pleading with her parents to take her for ice cream.

    Theresa Hutchins and her fianc? Mike Carelli opened the Tampa Bay area’s newest Culver’s August 28 in Brandon at 2470 S Falkenburg Road.