Ransomware Hits Mac Computers


Apple computers were hit with their first ransomware case on Friday. According to USA Today, it was downloaded by about 6,500 people before Apple shut it down. Reuters added that it was the “KeRanger” ransomware, delivered through a tainted copy of Transmission, a popular program for transferring data through the BitTorrent peer-to-peer file sharing network.

Transmission v2.90 is the bad version, so if you run this program, upgrade to the latest version. It should be a loud wake-up call to those still blissfully unaware (Computer World).

Our Analysis

Ransomware, by definition, is malicious software that restricts access to the infected computer (typically by encrypting vital files) and demands that the user pay a ransom to regain access and continue using the device. This could have been avoided by not downloading the infected open source BitTorrent program and/or by checking and comparing the hash (digest) of the downloaded file. If you were one of the infected, you are urged to remove the infected copy. If you want to continue using the program, it would be best to install the up-to-date version.

Normally, PC users have to worry about all types of malicious software, but now Macs could start to see an influx, likely due to an increase in market share that makes them more profitable for cyber criminals. As with all devices, it is best practice to use the official App Store for downloads. Also, staying away from potential hazards such as torrents helps reduce the attack surface. CNBC wrote a good, quick blog post on protecting yourself from ransomware on a Mac. The main takeaway is to ensure XProtect is enabled on your computer. This blocks known malicious software.

Apple was quick to respond on Friday when users started to be locked out of their computers. Apple revoked the certificate that allowed the Transmission software to work. Everything seems to be operational again for Transmission users, but only if they are on v2.92.

 

Other High Profile Breaches:

Experian (includes T-Mobile)
Scottrade
Trump Hotels
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison
Ashley Madison (follow up)



References

Reuters
CNBC
USA Today
Computer World



About Scott Entsminger

Scott Entsminger was born and raised in Virginia. He graduated from Radford University with a Bachelor of Science in Criminal Justice. Scott has worked for the Department of Defense since graduating college. He is an expert in Windows Administration, with specific experience in Group Policy and vulnerability remediation. He also has specific experience in Information Assurance (IA) and Cyber Security. Scott holds the CompTIA Security+ certification. He is always looking to diversify his skillset. Scott is an avid sports fan, particularly baseball. He is also an avid gamer and enjoys learning different skills involving his PC.