If you directly downloaded the Transmission installer from the official website on March 4-5, 2016, you may have been infected by KeRanger. The researches also note that Transmission has removed the affected versions of the BitTorrent installer from its website. Apple declined to comment for this story. Since then, they say Apple has revoked the security certificate exploited by KeRanger and updated its XProtect antivirus software.
The Palo Alto Networks team notified both Apple and the Transmission Project on March 4. "Additionally, KeRanger appears to still be under active development and it seems the malware is also attempting to encrypt Time Machine backup files to prevent victims from recovering their back-up data." "After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to a specific address to retrieve their files," the researchers wrote in their findings. But after three days, KeRanger would connect with servers over the anonymous Tor network and begin encrypting certain files on the Mac's system. At first, there'd be no sign of a problem. If a user installed one of the infected versions of Transmission, an executable file embedded within the software would run on the system. Apple deletes over 250 data-mining apps from App Store.Tech industry rallies around Apple in its iPhone fight with FBI.Apple, FBI face off before Congress over iPhone encryption."This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," Palo Alto Threat Intelligence Director Ryan Olson told Reuters on Sunday. KeRanger, by contrast, marks the arrival of truly dangerous ransomware on the OS X platform. In 2014, Kaspersky Labs discovered such software, though it wasn't complete at the time. It's not the very first time Mac-targeting ransomware has been detected by security experts. The problem was first detected Friday, when a team of researchers at Palo Alto Networks found a popular BitTorrent client for Apple's OS X software for Macs that was infected with the ransomware, which they have dubbed "KeRanger." The BitTorrent software in question is Transmission, which Mac users can install on Apple's OS X operating system and then use to access shared files in so-called torrent swarms (which, let's not lie, is usually pirated content). And in bad news for downloading fiends, it's being spread through torrenting software. Security researchers have discovered what they believe to be the first-ever ransomware attack targeted at Apple users that actually made it out "into the wild," meaning it's a genuine threat. Now you're no better off than regular old PC users.
0 kommentar(er)
