The increasing popularity of Mac OS computers appears to be catching up to it, as the first ransomware targeting OS X has been discovered. KeRanger locks a computer for 72 hours and demands a ransom of 1 Bitcoin. Should the victim fail to comply, the malware will begin encrypting files.
The ransomware spread over the weekend through a hacked copy of Transmission – one of the many Bittorrent clients available on the internet. Transmission users noticed strange activity on the client message board, and quickly concluded that the site was compromised. Users began warning each other about the possibility of Transmission 2.90 being used as an attack vector and that it should be deleted immediately.
Ryan Olson of Paolo Alto Networks says that while this may be the first ransomware to specifically target Macs, it will not be the last. Apple users have generally been less concerned about malware as there have been comparatively few cases of Macs being infected.
However, ransomware is becoming increasingly popular among cybercriminals out to make a quick profit. Most individuals and organisations would rather pay the ransom instead of risk losing all their data. The high profile case of the Hollywood hospital which fell victim to this sort of attack only illustrates how much damage can be done.
Users of Transmission have been advised to ensure that they are not running on version 2.90. That being said, Apple has updated XProtect antivirus and revoked the abused certificate. The attack shouldn’t continue to affect Mac users, but this should serve as a warning for those who haven’t been taking their online security seriously.