Apple no longer holds the trophy of being more immune to virus problems.
In a first, many Apple users recently reported their Mac computers being infected with a kind of ransomware that encrypts files in their computer and demands a “ransom” in exchange of decryption. The ransomware, identified as “KeRanger,” allegedly demands 1 bitcoin ($400) from the victims to free their documents from encryption.
The problem was first discovered on 4th March by researchers in Palo Alto Networks, who claimed that the ransomware made its way into the users’ system through Transmission, a free (and popular) data transferring BitTorrent client software.
Although the scale of infection is yet to be confirmed, Palo Alto Networks claimed that it is the first known case of Apple computers being blatantly affected by a virus. “…We believe KeRanger is the first fully functional ransomware seen on the OS X platform,” writes a company blog.
The blog further notes, “Transmission is an open source project. It’s possible that Transmission’s official website was compromised and the files were replaced by re-compiled malicious versions, but we can’t confirm how this infection occurred.”
According to Ryan Olsen, Threat Intelligence Director at Palo Alto Networks, when Mac owners inadvertently download the infected Transmission software to their computers, the ransomware stayed dormant for the first three days and slowly began locking images, videos, and documents in the system.
After the news about the ransomware outbreak in Mac computers, Transmission has since then posted an alert message in its website urging Apple users to take precautionary actions. “Everyone running 2.90 on OS X should immediately upgrade to and run 2.92, as they may have downloaded a malware-infected file. This new version will make sure that the “OSX.KeRanger.A” ransomware is correctly removed from your computer,” reads the message posted in the website’s homepage.
The message also asks users of Transmission 2.91 to immediately upgrade to and run 2.92. “Even though 2.91 was never infected, it did not automatically remove the malware-infected file,” explains the website.
Meanwhile, Apple has revoked the digital certificate that allowed the ransomware incident into its computers in order to mitigate the further spread of the malware.
Until now, ransomware were known to target Windows computers at large and inflict a damage worth millions of dollars every year. The wrath of KeRanger on Mac computers, however, poses a new challenge for the information security industry as well as Mac owners, a majority of who believe that they didn’t need antivirus for Mac to protect their computers because Apple devices are safe against virus.