Make us your home page
Instagram

This devastating type of malware has basically ignored Mac users — until now

Apple has a reputation for building more secure operating systems than its rivals. But it looks like the company's products aren't totally immune to a devastating type of digital attack that basically takes computers hostage.

Last weekend, researchers at Palo Alto Networks, based in Santa Clara, Calif., said that they had uncovered "the first fully functional ransomware" for Apple's OS X platform.

Once ransomware — a type of malicious software — infects a computer, it encrypts the files stored on the machine using a digital key the owner doesn't know, making the computer unusable. Then the malware pops up with a notification that asks victims to pay off the attackers in bitcoins or some other hard-to-track digital currency to get the key to unlock their data.

It's almost like kidnapping, but for the digital life you store on your computer. And unfortunately, it has been on the rise in recent years, even hitting hospitals and police departments. But until now, ransomware had basically left Mac users alone.

The ransomware discovered and dubbed "KeRanger" by Palo Alto spread through a download of a popular open-source program called Transmission, which helps users share files online, according to a blog post Palo Alto published Sunday. Some users were infected after downloading the installer for version 2.90 of the software from the project's website when it was released Friday, the cybersecurity firm said.

The malware is programmed to lay low for three days after being installed, but then start encrypting files on the computer, according to the blog post.

Once all the files are encrypted, the malware will demand a ransom of 1 bitcoin — roughly $400 — the blog post said.

The ransomware was able to avoid triggering some of Apple's security measures because it was signed with a valid Mac app development certificate, a bit of code meant to signal that a program is legitimate.

"Apple has since revoked the abused certificate" and updated its XProtect antivirus program to block the malware, Palo Alto said, which Apple also confirmed to the Washington Post.

Transmission's developers removed the offending version of the program from its website and issued a warning there. It also released an updated version of the software that actively attempts to remove the ransomware.

A member of Transmission's development team said that their best guess is that roughly 6,500 copies of the malicious software were downloaded, but they think Apple's quick action likely prevented many of them from actually infecting users.

This devastating type of malware has basically ignored Mac users — until now 03/08/16 [Last modified: Tuesday, March 8, 2016 8:07pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Washington Post.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. DOT shows alternatives to former Tampa Bay Express toll lanes

    Transportation

    TAMPA — State transportation officials are evaluating at least a half-dozen alternatives to the controversial Tampa Bay interstate plan that they will workshop with the community for the next 18 months.

    Florida Department of Transportation consultant Brad Flom explains potential alternatives to adding toll lanes to Interstate 275 during a meeting Wednesday at DOT's Tampa office. Flom presented seven diagrams, all of which swapped toll lanes for transit, such as light rail or express bus, in the I-275 corridor from downtown Tampa to Bearss Ave. [CAITLIN JOHNSTON | Times]
  2. Claim: State pressured CFO, used secret recordings to shut down Universal Health Care

    Banking

    ST. PETERSBURG — The founder of St. Petersburg's Universal Health Care alleges that Florida regulators conspired with the company's chief financial officer to drive the once high-flying Medicare insurer out of business.

    Federal agents raided the headquarters of Universal Health Care in 2013, ordering employees to leave the building. The insolvent St. Petersburg Medicare insurer was then in the process of being liquidated by state regulators.
[DIRK SHADD   |   Times file photo]

  3. Aramis Ayala defends stance against death penalty: 'I did what I believe was proper'

    State Roundup

    TALLAHASSEE — Orlando prosecutor Aramis Ayala on Wednesday defended her "absolute discretion" to never seek the death penalty in murder cases, as skeptical justices of the Florida Supreme Court bombarded her lawyer with sharp questions.

    Orlando prosecutor Aramis Ayala, far right, said she was "very well pleased" with her lawyer's case. "I violated no laws." [STEVE BOUSQUET | Times]
  4. Tampa Chamber of Commerce offers boost to black and Hispanic-owned businesses

    Economic Development

    TAMPA — There's a disconnect in Hillsborough County's minority business community.

    Gaston Meredith of Gaston's Culinary Services listens to LaKendria Robinson, Director of Minority Business Accelerator & Economic Inclusion during an information session at the Robert W. Saunders Library in Tampa on Tuesday.
[OCTAVIO JONES   |   Times]
  5. Wesley Chapel, Greater Pasco chambers of commerce merge

    Business

    LAND O'LAKES — Two chambers of commerce representing more than 850 business members from west Pasco to Wesley Chapel and New Tampa are merging into a single organization.

    Greater Wesley Chapel Chamber of Commerce President and CEO Hope Allen will lead the combined chambers of commerce announced Wednesday. The yet-to-be-named chamber will represent more than 850 businesses that currenlty are members of the Greater Pasco and Greater Wesley Chapel chambers.
[JAMES BORCHUCK   |   Times]