Daily Management Review

First Known Mac Ransomware Campaign Targets Apple Users


03/07/2016




First Known Mac Ransomware Campaign Targets Apple Users
Researchers with Palo Alto Networks Inc claimed that a pernicious type of software known as ransomware was used by hackers to target Apple Inc customers for the first such campaign against Macintosh computers over the weekend, reported Reuters.
 
Users are asked by hackers to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data after ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines. This is the modus operandi of the hackers using this malware.
 
Cyber criminals who typically target users of Microsoft Corp's Windows operating system have been able to generate money to the tune of hundreds of millions of dollars a year through this modus operandi and using this malware, security experts have estimated.  
 
The "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers, said Palo Alto Threat Intelligence Director, Ryan Olson,  
 
"This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," Olson said in a telephone interview to Reuters.
 
Palo Alto said on a blog posted on Sunday afternoon that a tainted copy of a popular program known as Transmission, which is used to transfer data through the BitTorrent peer-to-peer file sharing network was used by hackers to infect Macs.
  
The Macs of Apple users were infected after they downloaded version 2.90 of Transmission which was released on Friday. The ransomware was transmitted into the Macs and stalled the machines, the blog said.
 
Revoking a digital certificate that enabled the rogue software to install on Macs was the measure that Apple had taken over the weekend to prevent further infections, said an Apple representative. However no further details was provided by the representative.
 
The malicious version of the software was removed from its website - www.taransmissionbt.com, by Transmission which was the company’s response to the threat. A version that its website said automatically removes the ransomware from infected Macs was released by the company on Sunday.
 
In case of any doubts about infection in the Macs, Transmission advised its users to immediately install the new update, version 2.92.
 
KeRanger is programmed to stay quiet for three days after infecting a computer, then connect to the attacker's server and start encrypting files so they cannot be accessed, Palo Alto said on its blog.
 
KeRanger demands a ransom of 1 bitcoin, or about $400 after encryption is completed, the blog said.
 
The victims whose machines were compromised but not cleaned up could start losing access to data on Monday, which is three days after the virus was loaded onto Transmission's site, said Olson, the Palo Alto threat intelligence director.
 
Representatives with Transmission could not be reached for comments.

(Source:www.reuters.com & www.cnbc.com) 






Science & Technology

China takes the lead in quantum cryptography

Gartner: Chinese smartphones lead sales

Bitcoin Mining Worsens Global Warming Effect

Europe overtakes US by number of patents for self-driving car technologies

Samsung introduces display technology for folding screens

How retailers use technologies to increase sales

Facebook releases videochat devices Portal and Portal Plus

Smartphone makers will pay for pre-installing Google apps‍

Five loudest data leaks

Airbus announces Moon exploration competition

World Politics

World & Politics

Tumblr, Facebook wage war against adult content

Arrest of Huawei’s top manager endangers US-China trade truce

Has Macron given up to Yellow Vests?

What to expect from G20 Buenos Aires summit?

China steps up space race with the US

Climate change will cost US $ 500 billion a year

China manages to stop growth of big cities population

Donald Trump thanks Saudi Arabia for low oil prices