Ransomware on OS X, momentarily

Discussion of general issues, not related to a specific Mac or iDevice operating system.
Post Reply
User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3105
Joined: Thu Apr 07, 2011 10:09 am

Ransomware on OS X, momentarily

Post by Stephen Hart » Mon Mar 07, 2016 11:44 am

A recent update to popular BitTorrent client Transmission has been withdrawn and replaced because of malware included in the installer. Early downloads of the Transmission 2.90 client were infected with a ransomware package which has been dubbed "KeRanger" by the security researchers at Palo Alto Networks. KeRanger is the first functional malware of its kind on OS X.
If installed, the package waits for three days before contacting command and control servers through Tor, sending Mac model number, and UUID, which are probably used to derive an encryption key. Following successful communication with the control server, the malware starts encrypting documents stored on the host system.
http://www.macnn.com/articles/16/03/06/ ... an.132889/

Note that a major hospital got stung by ransomware recently, and paid the ransom.
Note also that this was a client app for a file-sharing service.
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest