Daily Management Review

First Known Mac Ransomware Campaign Targets Apple Users


03/07/2016




Researchers with Palo Alto Networks Inc claimed that hackers used a pernicious type of software known as ransomware to target Apple Inc customers over the weekend, in the first such campaign against Macintosh computers, Reuters reported.
 
Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines. The hackers then ask users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.
 
Security experts have estimated that cyber criminals, who typically target users of Microsoft Corp's Windows operating system, generate hundreds of millions of dollars a year with ransomware.
 
The "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers, said Palo Alto Threat Intelligence Director Ryan Olson.
 
"This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," Olson said in a telephone interview with Reuters.
 
Palo Alto said in a blog post on Sunday afternoon that hackers infected Macs through a tainted copy of a popular program known as Transmission, which is used to transfer data through the BitTorrent peer-to-peer file sharing network.
  
Macs were infected after their users downloaded version 2.90 of Transmission, which was released on Friday. The ransomware was transmitted into the Macs and stalled the machines, the blog said.
 
Over the weekend, Apple revoked a digital certificate that enabled the rogue software to install on Macs, a measure taken to prevent further infections, an Apple representative said. The representative provided no further details.
 
In response to the threat, Transmission removed the malicious version of the software from its website, www.transmissionbt.com. On Sunday the company released a version that its website said automatically removes the ransomware from infected Macs.
 
Transmission advised users who have any doubt about whether their Macs are infected to immediately install the new update, version 2.92.
 
KeRanger is programmed to stay quiet for three days after infecting a computer, then connect to the attacker's server and start encrypting files so they cannot be accessed, Palo Alto said on its blog.
 
KeRanger demands a ransom of 1 bitcoin, or about $400, after encryption is completed, the blog said.
 
Victims whose machines were compromised but not cleaned up could start losing access to data on Monday, three days after the virus was loaded onto Transmission's site, said Olson, the Palo Alto threat intelligence director.
 
Representatives with Transmission could not be reached for comment.

(Source: www.reuters.com & www.cnbc.com)