Posted on 03/11/2016 6:05:39 PM PST by Utilizer
The first known ransomware targeted at Apple's Mac computers was only downloaded about 6500 times, according to a representative for the Transmission project, whose software was used to launch the attack.
Transmission representative John Clay said the ransomware was added to a disk image of its software after the project's server was compromised in an attack.
"We're not commenting on the avenue of attack, other than to say that it was our main server that was compromised," he said. "The normal disk image [was] replaced by the compromised one."
He said security on the server had since been increased and the group was in "frequent contact" with Apple as well as Palo Alto Networks, which discovered the ransomware.
It's the first campaign of its kind against Apple computers. At this stage, it is not known how many systems have been successfully attacked by the malware.
(Excerpt) Read more at itnews.com.au ...
WHO’S GOT THE APPLE PING LIST?
If I have not purposely downloaded Transmission, and I do not use an administrator account while using my Mac or Macbook, am I safe?
Swordmaker. He’s already addressed this one at length.
One of the Cthulhu followers, I believe. *snicker*
Yes, you’re safe.
The whole recurring theme to Apple malware is the victim must do at least one, and usually several, very deliberate step(s) to actively disable Apple’s security. In this case, you’d have to _deliberately_ download Transmission _and_ run it in administrator mode; the former isn’t particularly stupid but you _do_ have to know what you’re doing, and the latter is just a bad idea ... and the perpetrators had to go to great lengths to take advantage of both situations happening at once, and since the breach was discovered early both the legitimate & hijacked company has already distributed a self-correcting update, and Apple has de-authorized the “signing key” required to install the malware version.
You called? [Utilizer shrieks in existential horror as he is replaced via a “rm -rf /usr/Utilizer; cp -r /usr/ctdonath2 /usr/Utilizer” script]
*laugh!* Thanks. I quite needed a good chuckle today. :)
Thank you for your reply.
Safer yet is not using either one and only using a ‘nix machina to access the internet. *grin*
I’ll have to take your word for it because my computer expertise doesn’t extend much farther than knowing how to plug it into the socket.
Well, seeing as OS X _IS_ a certified “nix machina”...
Well, ‘nix-derived, actually, but yes you are essentially correct. Except that I do not believe that Linux will run any OS-X programs.
I could be wrong. Not really familiar with macmachines, I must admit.
Bewdy! There are already some Linux-based OEM machines out there, and yes all you have to do is plug them in and log on and you are off and running. :)
No, OS X absolutely is UNIX. It’s been certified to high (highest?) levels as such, a very expensive & demanding process - which Linux _hasn’t_ achieved.
You’re probably confusing the OS with the window manager, bundled as part of OS X distribution and (exact details escape me) not particularly conducive to running on a non-Apple configuration. The core problem is there’s a bunch of non-OS stuff required for most OS X programs, and if you don’t have the libraries/source/etc making it run will be a major pain. [does quick search] Ah, there is a project to run unmodified OS X binaries on Linux: https://www.darlinghq.org but it’s going slow.
I will have to look into that because my machines are aging, kind of like me. Hope this 77 year old dog can learn new tricks.
Hmm. Learn something new every day.