There is a first time for everything, and for some Apple Mac owners, becoming the victim of a cyber attack that has allowed Malware known as ‘ransomeware’ to infect their beloved computers, this is a particularly unpleasant and unexpected first.
The extent of the spread of the malware among Apple Mac users is not yet known but the malicious program is thought to have been hidden in the client of a popular program that is used to download and share music and movie files. The malicious software, dubbed “KeRanger” by the researchers from Palo Alto Networks who discovered its presence was hidden in an open source version of a BitTorrent client called ‘Transmission’ which could be downloaded from the Transmission website.
What Does It Do?
This type of ‘ransomware’ is one of the fastest growing kinds of malware programs.
Once a computer is infected with it, the program encrypts data on that computer, effectively locking the encrypted computer files away from user. The next step is to ask for a fee from the user in exchange for a software key that can release those files – hence the ‘ransome’. The perpetrators typically ask for payment using digital currencies because they are harder to trace back.
In the case of KeRanger it is reported to have been designed to encrypt files on an infected Mac 3 days after the original infection, thereby causing maximum disruption to the efforts of those trying to stop it from spreading.
The reaction from Apple upon being informed of the presence of KeRanger in Transmission was to stop any further spread by quickly preventing Transmission from being installed on any more computers by revoking the developers’ certificate. The developers at Transmission then released a new, clean version of the software, and placed a notice on their website requesting customers to upgrade immediately.
Why Such A Shock?
The reality of cyber crime is that nothing appears to be completely safe and if the motivation is strong for the criminals and if the challenge is tempting enough, a committed cyber criminal can usually summon up the creativity to find a way.
Recent high profile cyber crime victims e.g. TalkTalk and JD Wetherspoon mean that we should not really be surprised by the latest cyber crime report. The shock with the Apple attack however is that Apple’s Mac operating system the Mac OS X is considered to be very secure, and this kind of ransome malware infection is a first for Apple. The fact that Apple Macs have kept such an unblemished record so far could in itself have provided some of the motivation for this attack.
What Does This Mean For Your Business?
In the broadest sense this should act as a warning to all businesses that we are all at risk of cyber attack, and that taking as many precautions as you can now is a way to at least act as a deterrent, and is the only real way to reduce the risk.
In relation to this malware attack on Apple, if your business has Apple Macs and if Transmission has been / is being used, sites like Macworld give advice on how to remove the KeRanger malware here: http://www.macworld.co.uk/how-to/mac-software/how-remove-mac-malware-for-free-viruses-keranger-3594625/
You can also find answers on the Apple Discussions thread here https://discussions.apple.com/thread/7485717 including information about how you can download and install Transmission v2.92 from the developer.