Last Friday, Mac users came to know of a category of malware known as ransomware, which infected Mac computers for the first time. The malware, which has been named KeRanger, was used by hackers to infect Macs through Transmission, a BitTorrent client used to transfer data.
The malware latched onto version 2.90 of Transmission last Friday, when the update was released.
Now Apple has reportedly found a way to eliminate this malware by updating its anti-malware system called XProtect with a new signature.
The malware's presence first came to the notice of the Palo Alto Threat Intelligence research team. The ransomware has a typical modus operandi that, as the name suggests, involves victims shelling out a ransom to retrieve the data on their systems.
This kind of malware, which used to be confined to Windows OS, seeped into Mac computers through the BitTorrent client, Transmission. Once a system is infected, the malware lies quiet for three days, after which it connects to the hacker's server and begins to encrypt user data so that it is inaccessible. The malware then does its intended job by asking users to shell out 1 bitcoin, which is $400, to retrieve their data. Invariably the users fall prey and pay the ransom, which amounts to millions of dollars across the world.
Transmission also responded quickly by removing version 2.90 of its software. The BitTorrent client, which is one of the most sought-after Mac applications for downloading through the peer-to-peer network, immediately recommended that its users update the software to version 2.91.
Ransomware is an umbrella term for the class of malware that first restricts access to an infected system and then demands money from the user to allow access to their data. It is one of the most severe types of malware and is increasing in popularity among hackers. It is estimated that the money generated from this malware amounts to millions of dollars a year.
Previously, another piece of malware known as FileCoder was found on Mac computers, but it was not fully functional, unlike KeRanger, which is described as the first fully functional ransomware for Mac computers. With less than a week having passed, it is still unclear how many Mac systems have been affected by this malware.
However, due to the swift response shown by Apple and Transmission, the spread of the malware has been slowed down.