Apple users targeted in first known Mac ransomware campaign

Reuters ^ | Sun Mar 6, 2016 | JIM FINKLE

[Mad Dawgg]

Apple Inc (AAPL.O) customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc (PANW.N) told Reuters on Sunday.

Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.

Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft Corp's (MSFT.O) Windows operating system.

Palo Alto Threat Intelligence Director Ryan Olson said the "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers.

"This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," Olson said in a telephone interview.

[Mad Dawgg]

Interesting...

[JimSEA]

Humm. . . Who is capable and benefits from such an attack on Apple? I’m just paranoid I guess.

[CitizenUSA]

According to the article, the “ransomware” is installed by downloading a BitTorrent application. I’m pretty sure you’d have to enter your password to approve installation of this application (not going to test it). BitTorrents are also typically used to send files, like pirated movies, that probably should be avoided in the first place.

[roadcat]

If it were to happen (if), no problem if you religiously back up your data. I’m just saying... (Still some folks who think they don’t need to back up their precious photos, contacts, docs, etc. Foolish.) Easy enough to restore anything that is lost, if you have a back up (if).

[JimSEA]

Thanks. That’s reassuring as I never do such things.

[SecondAmendment]

> According to the article, the “ransomware” is installed by downloading a BitTorrent application.

Only a fool would trust an unknown quantity from a suspect source ... and the same goes for installing software from BitTorrent :)

[WildHighlander57]

Keep all data on an external drive and back it up daily...

[dhs12345]

Losing your data only once is enough to make one a zealot. Happened to me 20 years ago and since then I have backed up everything and now store our valuable files on a raid server. And I even back up the server.

[tacticalogic]

Losing your data only once is enough to make one a zealot. Happened to me 20 years ago and since then I have backed up everything and now store our valuable files on a raid server. And I even back up the server.

Always good to have a backup. I've seen a RAID card turn itself into a random number generator and scramble a set of drives.

[PistolPaknMama]

That’s reassuring as I never do such things.

Don't be overconfident. I never do such things either but was hit with ransomeware in December. Lost all my photos of our mother/daughter trip to Ireland that we'd waited for since my daughter was a little girl. Now I back up with iDrive every night.

[grey_whiskers]

*PING* to @Swordmaker.

Thanks, @Mad Dawgg

[JimSEA]

We have a lot of photos that are backed up on Picasa and CD for our older pictures and iCloud and CD for newer ones. The CD has been our fail safe.
Of course I’ve printed out the better ones over the years. Other than that, there is very little that I haven’t got hard copy filed away. Being retired, there’s not much there. However I don’t want to undergo the hassle again (I had a nasty dos virus back in my PC days some ten years ago.

[minnesota_bound]

Time to abandon Apple computers and go over to a safe operating system such as Windows 10 : )

[Nifster]

i don’t use any of those apps and have none of the nasty ransomware on my computer....

[Swordmaker]

This is an earlier thread on the Apple Mac OS X Ransom Ware threat posted by Freeper Mad Dawgg. Please use this one to make comments on this topic as it has priority in posting, Thanks — PING!

Apple Security Warning!
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

[CitizenUSA]

That doesn’t make sense to me. What were you doing when it happened. Did you allow the internet to install something to your system by entering your admin password?

Now I have seen the Safari malware that acts like ransomware, but it doesn’t actually destroy anything. It prevents you from leaving the page (even if you restart Safari), and warns you to call a number to get it removed. Reset Safari by holding SHIFT while starting it, and it won’t reopen that site.

[tubebender]

I have backed up my iMac to a external drive for years and my daughter had her daughter install a backup drive on her’s. It’s mostly for photos and contacts

[palmer]

BitTorrents are also typically used to send files, like pirated movies, that probably should be avoided in the first place.

Bit torrents are the gateway to hell, I had some SW installed once to get some very large file I needed for work (forgot what it was). The SW was unpredictable and used copious disk. I eventually removed it. Not recommended.

[Kid Shelleen]

Here are some more details. It looks like Apple has already provided a fix. Infected files were downloaded after 7pm on Friday, and before 2am Sunday morning.

if you try to open a version of the application that is known to be infected you will be given a warning message saying either, “Transmission.app will damage your computer. You should move it to the Trash,” or, “Transmission can’t be opened. You should eject the disk image.”

7 steps to protect yourself against over-hyped ‘ransomware’ threat

[PistolPaknMama]

That doesn’t make sense to me. What were you doing when it happened.

I have no idea now. About the only links I click on are links from FR.

Did you allow the internet to install something to your system by entering your admin password?

Absolutely not.