Make us your home page
Instagram

This devastating type of malware has basically ignored Mac users — until now

Apple has a reputation for building more secure operating systems than its rivals. But it looks like the company's products aren't totally immune to a devastating type of digital attack that basically takes computers hostage.

Last weekend, researchers at Palo Alto Networks, based in Santa Clara, Calif., said that they had uncovered "the first fully functional ransomware" for Apple's OS X platform.

Once ransomware — a type of malicious software — infects a computer, it encrypts the files stored on the machine using a digital key the owner doesn't know, making the computer unusable. Then the malware pops up with a notification that asks victims to pay off the attackers in bitcoins or some other hard-to-track digital currency to get the key to unlock their data.

It's almost like kidnapping, but for the digital life you store on your computer. And unfortunately, it has been on the rise in recent years, even hitting hospitals and police departments. But until now, ransomware had basically left Mac users alone.

The ransomware discovered and dubbed "KeRanger" by Palo Alto spread through a download of a popular open-source program called Transmission, which helps users share files online, according to a blog post Palo Alto published Sunday. Some users were infected after downloading the installer for version 2.90 of the software from the project's website when it was released Friday, the cybersecurity firm said.

The malware is programmed to lay low for three days after being installed, but then start encrypting files on the computer, according to the blog post.

Once all the files are encrypted, the malware will demand a ransom of 1 bitcoin — roughly $400 — the blog post said.

The ransomware was able to avoid triggering some of Apple's security measures because it was signed with a valid Mac app development certificate, a bit of code meant to signal that a program is legitimate.

"Apple has since revoked the abused certificate" and updated its XProtect antivirus program to block the malware, Palo Alto said, which Apple also confirmed to the Washington Post.

Transmission's developers removed the offending version of the program from its website and issued a warning there. It also released an updated version of the software that actively attempts to remove the ransomware.

A member of Transmission's development team said that their best guess is that roughly 6,500 copies of the malicious software were downloaded, but they think Apple's quick action likely prevented many of them from actually infecting users.

This devastating type of malware has basically ignored Mac users — until now 03/08/16 [Last modified: Tuesday, March 8, 2016 8:07pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Washington Post.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. 'Road to Nowhere' is back: Next phase of Suncoast Parkway coming

    Roads

    Despite intense public opposition and dubious traffic projections, the Florida Department of Transportation has announced that construction of the toll road known as "Suncoast 2" is expected to start in early 2018.

    The Suncoast Parkway ends at U.S. 98 just south of Citrus County. For years residents have opposed extending the toll road, a project dubbed the "Suncoast 2" into Citrus County. But state officials recently announced that the Suncoast 2 should start construction in early 2018. [Stephen J. Coddington  |  TIMES]
  2. A sports rout on Wall Street

    Retail

    NEW YORK — Sporting goods retailers can't shake their losing streak.

  3. Grocery chain Aldi hosting hiring event in Brandon Aug. 24

    Retail

    BRANDON — German grocery chain Aldi is holding a hiring event for its Brandon store Aug. 24. It is looking to fill store associate, shift manager and manager trainee positions.

  4. Lightning owner Jeff Vinik backs film company pursuing global blockbusters

    Corporate

    TAMPA — Jeff Vinik's latest investment might be coming to a theater near you.

    Jeff Vinik, Tampa Bay Lightning owner, invested in a new movie company looking to appeal to a global audience. | [Times file photo]
  5. Trigaux: Look to new Inc. 5000 rankings for Tampa Bay's future heavyweights

    Business

    There's a whole lotta fast-growing private companies here in Tampa Bay. Odds are good you have not heard of most of them.

    Yet.

    Kyle Taylor, CEO and founder of The Penny Hoarder, fills a glass for his employees this past Wednesday as the young St. Petersburg personal advice business celebrates its landing at No. 25 on the 2017 Inc. 5000 list of the fastest growing private companies in the country. Taylor, still in his 20s, wins kudos from executive editor Alexis Grant for keeping the firm's culture innovative. The business ranked No. 32 last year. [DIRK SHADD   |   Times]