Make us your home page
Instagram

This devastating type of malware has basically ignored Mac users — until now

Apple has a reputation for building more secure operating systems than its rivals. But it looks like the company's products aren't totally immune to a devastating type of digital attack that basically takes computers hostage.

Last weekend, researchers at Palo Alto Networks, based in Santa Clara, Calif., said that they had uncovered "the first fully functional ransomware" for Apple's OS X platform.

Once ransomware — a type of malicious software — infects a computer, it encrypts the files stored on the machine using a digital key the owner doesn't know, making the computer unusable. Then the malware pops up with a notification that asks victims to pay off the attackers in bitcoins or some other hard-to-track digital currency to get the key to unlock their data.

It's almost like kidnapping, but for the digital life you store on your computer. And unfortunately, it has been on the rise in recent years, even hitting hospitals and police departments. But until now, ransomware had basically left Mac users alone.

The ransomware discovered and dubbed "KeRanger" by Palo Alto spread through a download of a popular open-source program called Transmission, which helps users share files online, according to a blog post Palo Alto published Sunday. Some users were infected after downloading the installer for version 2.90 of the software from the project's website when it was released Friday, the cybersecurity firm said.

The malware is programmed to lay low for three days after being installed, but then start encrypting files on the computer, according to the blog post.

Once all the files are encrypted, the malware will demand a ransom of 1 bitcoin — roughly $400 — the blog post said.

The ransomware was able to avoid triggering some of Apple's security measures because it was signed with a valid Mac app development certificate, a bit of code meant to signal that a program is legitimate.

"Apple has since revoked the abused certificate" and updated its XProtect antivirus program to block the malware, Palo Alto said, which Apple also confirmed to the Washington Post.

Transmission's developers removed the offending version of the program from its website and issued a warning there. It also released an updated version of the software that actively attempts to remove the ransomware.

A member of Transmission's development team said that their best guess is that roughly 6,500 copies of the malicious software were downloaded, but they think Apple's quick action likely prevented many of them from actually infecting users.

This devastating type of malware has basically ignored Mac users — until now 03/08/16 [Last modified: Tuesday, March 8, 2016 8:07pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Washington Post.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. Last orca calf born in captivity at a SeaWorld park dies

    Tourism

    ORLANDO — The last killer whale born in captivity under SeaWorld's former orca-breeding program died Monday at the company's San Antonio, Texas, park, SeaWorld said.

    Thet orca Takara helps guide her newborn, Kyara, to the water's surface at SeaWorld San Antonio in San Antonio, Texas, in April. Kyara was the final killer whale born under SeaWorld's former orca-breeding program. The Orlando-based company says 3-month-old Kyara died Monday. [Chris Gotshall/SeaWorld Parks & Entertainment via AP]
  2. Miami woman, 74, admits to voter fraud. Does jail await, or will she go free?

    State Roundup

    MIAMI — An 74-year-old woman pleaded guilty Monday to filling out other people's mail-in ballots while working at Miami-Dade's elections department.

    Gladys Coego
  3. Bigger ships carry Georgia ports to record cargo volumes

    Economic Development

    SAVANNAH, Ga. — Bigger ships arriving through an expanded Panama Canal pushed cargo volumes at Georgia's seaports to record levels in fiscal 2017, the Georgia Ports Authority announced Monday.

    The Port of Savannah moved a record 3.85 million container units in fiscal 2017, the state said, benefiting from the larger ships that can now pass through an expanded Panama Canal.
  4. Dragon ride in Harry Potter section of Universal closing for new themed ride

    Florida

    Universal Orlando announced Monday that it will close Dragon Challenge for a new "highly themed" Harry Potter ride to open in 2019 — sending wizard fans into a guessing game with hopes for a Floo Powder Network or the maze from the Triwizard Tournament.

    Universal Orlando announced Monday that it will close Dragon Challenge on Sept. 5 for a new "highly themed" Harry Potter ride to open in 2019. The ride, originally the Dueling Dragons roller coaster, was renamed and incorporated into the Wizarding World of Harry Potter when the hugely popular area opened in 2010.
  5. Would you let your company implant a chip in you?

    Working Life

    Would you ask an employee to get a chip implanted in her hand? Sounds invasive and intrusive. But come Aug. 1, one company in Wisconsin will be giving it a try.

    Three Square Market - a developer of software used in vending machines - is offering all of its employees the option to get a microchip implanted between the thumb and forefinger. [Photo from video]