New Apple OS X Ransomware discovered by “Unit 42” of Palo Alto Networks


A new Ransomware targeting Apple OS X based computers has been found and reported by Palo Alto Networks
. Their Unit 42 Security Group have named this new ransomware as “KeRanger”.

Two installers of the Transmission BitTorrent ailient installer for OS X were found by Palo Alto Networks to be infected with KeRanger Ransomware.

The following is a quote from the Palo Alto Networks Reseaarch Center blog:

Palo Alto Networks reported the ransomware issue to the Transmission Project and to Apple on March 4. Apple has since revoked the abused certificate and updated XProtect antivirus signature, and Transmission Project has removed the malicious installers from its website.

The Transmissionbt.com home page features the following security notice:

Read Immediately!!!!

Everyone running 2.90 on OS X should immediately upgrade to and run 2.92, as they may have downloaded a malware-infected file. This new version will make sure that the “OSX.KeRanger.A” ransomware (more information available here) is correctly removed from your computer.

Users of 2.91 should also immediately upgrade to and run 2.92. Even though 2.91 was never infected, it did not automatically remove the malware-infected file.

Click on this line to visit the Palo Alto Networks Unit 42 webpage. There you will compete details about KeRanger. Scroll down to the section titled: How To Protect Yourself.

Click on this line to visit the MacRumors website to read their post titled: “First Mac Ransomware Found in Transmission BitTorrent Client”.

Click on this line to visit the 9to5Mac website to read their post titled “First OS X ransomware detected in the wild, will maliciously encrypt hard drives on infected Macs (updated: how to fix)

Click on this ine to visit the arstechnica website to read their post titled: “First Mac-targeting ransomware hits Transmission users, researchers say Rogue copy of BitTorrent client results in KeRanger install, which demands 1 bitcoin.”

Click on this line to visit the Reuters website to read their post titled: “Apple users targeted in first known Mac ransomware campaign“.

Click on this link to view other CyberSecurity related posts found on Uniquely Toronto.

 

Posted by: Vincent Banial
www.uniquelytoronto.com

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice. Any offers mentioned in this post are also subject to change without notice.

Advertisements