Apple Macs Targeted By Ransomware Campaign

Apple customers have become the victim of the first campaign hackers have launched against Mac computers using ransomware. The attack, which took place over the weekend, used a pernicious type ransomware, researchers with Palo Alto Networks told Reuters on Sunday.

Takes three days to affect

Ransomware is a prominent name among the fastest-growing types of cyber-threats that work by encrypting data on infected machines and then blackmailing users to pay ransom in hard-to-trace digital currencies in exchange for an electronic key to retrieve their data.

Hackers used a tainted copy of a popular program known as Transmission to infect Macs, said Palo Alto on Sunday in a blog. The blog stated that users who downloaded version 2.90 of Transmission, which was released on Friday, got their Macs infected with the ransomware.

Warren Buffett’s 2018 Activist Investment

Berkshire Hathaway Warren BuffettMost investors are aware of Warren Buffett's most high profile long-term investments. However, there is one long term investment that is often overlooked. Q2 2020 hedge fund letters, conferences and more This is building materials maker USG, which was owned by Berkshire Hathaway for more than 17 years before it was acquired in 2018. If Read More

Palo Alto stated that KeRanger is programmed to affect a computer and then remain quiet for three days, after which it will connect to the attacker’s server and start encrypting files, rendering them inaccessible. The blog said that once encryption is completed, KeRanger demands a ransom of 1 bitcoin, which is equivalent to approximately $400.

Apple revokes digital certificate

Such cyber-criminals typically target users of Microsoft’s Windows operating system and make hundreds of millions of dollars every year from ransom, noted security experts. Palo Alto Threat Intelligence Director Ryan Olson said that the KeRanger malware appeared on Friday and is the first functioning ransomware to attack Apple’s Mac computers.

To prevent further infections, Apple took some steps over the weekend, such as revoking a digital certificate that enabled the rogue software to install itself on Macs, said an Apple representative. Also Transmission removed the malicious version of its software from its website and released a version to automatically remove the ransomware from infected Apple Macs.

The website advises Transmission users to immediately install the new update, version 2.92, if they suspect their Mac to be infected. The victims whose machines have been compromised but cleanup hasn’t started could start losing data access on Monday, or three days after the virus was loaded onto Transmission’s site, said Olson.