Ransomware to demand ransom with first data encryption on Mac OS X appeared



Malicious malware that demands that you pay ransom if you want to encrypt data of infected computer or put it into a state of system disabled and restore it "RansomwareThe violence of "finally expanded to OS X. The first Ransomware to infect OS XKeRanger"Has been discovered.

New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer - Palo Alto Networks BlogPalo Alto Networks Blog
http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-ransomware-keranger-infected-transmission-bittorrent-client-installer/

OS X First Ransomware Infection is BitTorrent Client'sTransmissionIt is found by users using. It is confirmed that the version of "Transmission 2.9.0" installer infected with Ransomware KeRanger is circulating by the security company enterprise Palo Alto Networks, Transmission 2.9.0 users are 2.9.1 and malware infection file We recommend that you update to the latest 2.9.2 with auto delete function.


According to Palo Alto Networks, KeRanger encrypts the file after the latent period of three days after the infection "If you want the file to be decrypted, virtual currencyBitcoinIt will threaten to pay 1 BTC (about 45,000 yen at the time of article creation) ". There is no guarantee that data will be decrypted when you paid ransom. If Transmission 2.9.0 is used, it seems necessary to back up data using "grace period" on 3rd.


KeRanger has passed through Apple's gatekeeper protection because it has been given a valid developer certificate for Mac applications. After Palo Alto Networks reported to Apple, the exploited digital certificate has been invalidated by Apple and XProtect is being updated.

It is likely that OS X's first Ransomware will be KeRanger, but as of 2015 the possibility of Ransomware infection for OS XAnnounced by SymantecIt was done. Mac users no longer have to watch out for malware and rantamware in a situation that can not be said as "secure because it is a Mac".

in Software,   Security, Posted by darkhorse_log