First ransomware detected on Apple devices
The rogue software, called KeRanger, has infected a number of Mac computers. It renders files inaccessible. It then demands payment of one bitcoin — the virtual currency and worth €360 — to return control of the files.
Security researchers from Palo Alto Networks first reported the virus, which is known as ransomware. They believe it to be the “first fully functional ransomware seen on the OS X platform”, on which Apple laptop and desktop products run.
Apple has long-prided itself on its computers’ supposed lack of vulnerability to viruses, broadly staying free of major issues.
The malware was hidden inside a popular piece of software, called Transmission, which is used to transfer data on peer-to-peer sharing site, BitTorrent.
Palo Alto Networks said users who downloaded version 2.90 of the software, on Friday, were infected with the ransomware, which stays dormant for three days before beginning to lock files using encryption, asking for the ransom in order to release them.
As the malware became available on Friday, those who downloaded it began to encounter problems on Monday, unless an update was installed.
The security firm also said they had reported the issue to Apple, adding that the technology giant has since fixed the vulnerability in its systems, by revoking a digital certificate that allowed the software to be installed in the first place. Transmission has also removed the malicious download from its website.
Palo Alto Networks’ intelligence director, Ryan Olson, told the Reuters news agency: “This is the first one in the wild that is definitely functional, encrypts your files, and seeks a ransom.”
Ransomware, among other malicious software, has long been known to target users of fellow desktop software, Microsoft Windows, generating millions of pounds a year for cyber-criminals.
