Apple users could be targets of ransomware
For the first time, security researchers have identified ransomware that targets Apple computers. Researchers at Palo Alto Networks Inc. told Reuters on Sunday that Mac users could be vulnerable to the dangerous malware, which encrypts a user's data and then demands a ransom -- payable through digital currency like bitcoins -- in order to receive the key needed to retrieve the data.
The ransomware was found hidden within a popular BitTorrent client -- version 2.90 of Transmission -- which can be installed on Apple's OS X operating systems. The software is used to gain access to shared files that exist in torrent swarms, which is typically pirated video and other content, CNET reports.
"On March 4, we detected that the Transmission BitTorrent client installer for OS X was infected with ransomware, just a few hours after installers were initially posted," the research firm said in a blog post. "We have named this ransomware 'KeRanger.' The only previous ransomware for OS X we are aware of is FileCoder, discovered by Kaspersky Lab in 2014. As FileCoder was incomplete at the time of its discovery, we believe KeRanger is the first fully functional ransomware seen on the OS X platform."
Palo Alto Networks reported its discovery to both Apple and the Transmission Project. In response, Apple revoked a digital certificate that allowed the software to install on Macs.
For its part, the Transmission Project removed malicious versions of the software from its website and released version 2.92, which automatically removes ransomware from infected Mac computers, Reuters reports.
Historically, ransomware has been more of a risk for Microsoft computers, not Macs. Victims have paid ransoms totaling hundreds of millions of dollars each year to get their data back, according to Reuters.
This latest discovery comes just weeks after a major ransomware attack made headlines. In February, the Hollywood Presbyterian Medical Center in Los Angeles paid 40 bitcoins -- about $17,000 -- in ransom to hackers who used ransomware to effectively hold the hospital's computer system, including crucial patient records, hostage.