Make us your home page
Instagram

This devastating type of malware has basically ignored Mac users — until now

Apple has a reputation for building more secure operating systems than its rivals. But it looks like the company's products aren't totally immune to a devastating type of digital attack that basically takes computers hostage.

Last weekend, researchers at Palo Alto Networks, based in Santa Clara, Calif., said that they had uncovered "the first fully functional ransomware" for Apple's OS X platform.

Once ransomware — a type of malicious software — infects a computer, it encrypts the files stored on the machine using a digital key the owner doesn't know, making the computer unusable. Then the malware pops up with a notification that asks victims to pay off the attackers in bitcoins or some other hard-to-track digital currency to get the key to unlock their data.

It's almost like kidnapping, but for the digital life you store on your computer. And unfortunately, it has been on the rise in recent years, even hitting hospitals and police departments. But until now, ransomware had basically left Mac users alone.

The ransomware discovered and dubbed "KeRanger" by Palo Alto spread through a download of a popular open-source program called Transmission, which helps users share files online, according to a blog post Palo Alto published Sunday. Some users were infected after downloading the installer for version 2.90 of the software from the project's website when it was released Friday, the cybersecurity firm said.

The malware is programmed to lay low for three days after being installed, but then start encrypting files on the computer, according to the blog post.

Once all the files are encrypted, the malware will demand a ransom of 1 bitcoin — roughly $400 — the blog post said.

The ransomware was able to avoid triggering some of Apple's security measures because it was signed with a valid Mac app development certificate, a bit of code meant to signal that a program is legitimate.

"Apple has since revoked the abused certificate" and updated its XProtect antivirus program to block the malware, Palo Alto said, which Apple also confirmed to the Washington Post.

Transmission's developers removed the offending version of the program from its website and issued a warning there. It also released an updated version of the software that actively attempts to remove the ransomware.

A member of Transmission's development team said that their best guess is that roughly 6,500 copies of the malicious software were downloaded, but they think Apple's quick action likely prevented many of them from actually infecting users.

This devastating type of malware has basically ignored Mac users — until now 03/08/16 [Last modified: Tuesday, March 8, 2016 8:07pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Washington Post.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. Carrollwood fitness center employs scientific protocol to help clients

    Business

    In 2005, Al Roach and Virginia Phillips, husband and wife, opened 20 Minutes to Fitness in Lakewood Ranch, and last month they opened the doors to their new location in Carrollwood.

    Preston Fisher, a personal fitness coach at 20 Minutes To Fitness, stands with an iPad while general manager/owner Angela Begin conducts an equipment demonstration. The iPad is used to track each client's information and progress. I also included one shot of just the equipment. The center recently opened in Carrollwood. Photo by Danielle Hauser.
  2. Olive Tree branches out to Wesley Chapel

    Business

    WESLEY CHAPEL — When it came time to open a second location of The Olive Tree, owners John and Donna Woelfel, decided that Wesley Chapel was the perfect place.

    The Olive Tree expands its offerings of "ultra premium?€ extra virgin olive oils (EVOO) to a second location in Wesley Chapel. Photo by Danielle Hauser.
  3. Massachusetts firm buys Tampa's Element apartment tower

    Real Estate

    TAMPA — Downtown Tampa's Element apartment tower sold this week to a Massachusetts-based real estate investment company that plans to upgrade the skyscraper's amenities and operate it long-term as a rental community.

    The Element apartment high-rise at 808 N Franklin St. in downtown Tampa has been sold to a Northland Investment Corp., a Massachusetts-based real estate investment company. JIM DAMASKE  |  Times
  4. New York town approves Legoland proposal

    News

    GOSHEN, N.Y. — New York is one step closer to a Lego dreamland. Goshen, a small town about fifty miles northwest of the Big Apple, has approved the site plan for a $500 million Legoland amusement park.

    A small New York town, Goshen approved the site plan for a $500 million Legoland amusement park. Legoland Florida is in Winter Haven. [Times file  photo]
  5. Jordan Park to get $20 million makeover and new senior housing

    Real Estate

    By WAVENEY ANN MOORE

    Times Staff Writer

    ST. PETERSBURG —The St. Petersburg Housing Authority, which bought back the troubled Jordan Park public housing complex this year, plans to spend about $20 million to improve the 237-unit property and construct a new three-story building for …

    Jordan Park, the historic public housing complex, is back in the hands of the St. Petersburg Housing Authority. The agency is working to improve the 237-unit complex. But the latest plan to build a new three-story building for seniors will mean 31 families have to find new homes. [LARA CERRI   |   Tampa Bay Times]