Ransomware Hits Mac Computers
Apple computers were hit with it’s first ransomware case on Friday. According to USA Today, it was downloaded by about 6,500 people before Apple shut it down. Reuters added that it was the “KeRanger” ransomware though a tainted copy of Transmission, a popular program for transferring data through the BitTorrent peer-to-peer file sharing network.
Transmission v2.90 is the bad version, so if you run this program, then upgrade to the latest version. It should be a loud wake-up call to those still blissfully unaware (Computer World)
Ransomware, by definition, is malicious software that restricts access (typically via encrypting vital files) to the infected computer and demands the user to pay a ransom to continue using your device and regain access. This could have been avoided by not downloading the infected open source programs for BitTorrent and/or by checking and comparing the hash (digest) of the file downloaded. If you were one of the infected, then you are urged to remove the infected copy. If you want to continue to use the program, then it would be best to install the up-to-date version.
Normally, PC users have to worry about all types of malicious software, but now Macs could start to see an influx; likely due to an increase in market share, thus making it more profitable for cyber criminals. Like with all devices, it is best practice to use the official App Store for downloads. Also, staying away from potential hazards such as torrents aids in reducing the attack surface. CNBC wrote a good quick blog on protecting yourself from ransomware on a Mac. The main take away is to ensure XProtect is enabled on your computer. This blocks known malicious software.
Apple was quick to respond on Friday when users started to be locked out of their computers. Apple revoked the certificate that allowed Transmission software to work. Everything seems to be back operational for Transmission users, but only if they are on v2.92.
Other High Profile Breaches:
Experian (includes T-Mobile)
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison (follow up)
Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this blog and to our Podcast.
If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.