We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

New Mac-Targeting Ransomware is a Real Bad Apple

b2ap3_thumbnail_iphone_ransomware_400.jpgRansomware has been spreading like wildfire over the past few years, but up until very recently, Mac users were spared from this troubling development. Now, security researchers at Palo Alto Networks have discovered what they believe to be the first instance of completed ransomware on an Apple device. As this threat is “in the wild,” Mac users should be wary of it and see it as a potential threat.

The ransomware in question, KeRanger, is believed to be the first completed ransomware to exist on the OS X operating system. In 2014, Kaspersky Labs discovered an incomplete form of ransomware for the Mac platform, but it didn’t pose an immediate threat. Now, however, KeRanger marks the beginning of more dangerous threats finally making their way to Apple’s operating systems.

To make matters worse, this ransomware is spread through a torrenting software called Transmission, which is designed to share files. Though torrenting software has a bad reputation for distributing pirated content, like copyrighted films, tv shows, music, and much more, it has plenty of legitimate uses, as well.

As explained by CNet:

If a user installed one of the infected versions of Transmission, an executable file embedded within the software would run on the system. At first, there'd be no sign of a problem. But after three days, KeRanger would connect with servers over the anonymous Tor network and begin encrypting certain files on the Mac's system.

Researchers have concluded that KeRanger is still under development, and is seeking a way to also encrypt the victim’s backup data. In many cases, restoring a backup of your system’s data is the only way to remove ransomware. Thus, KeRanger is taking a significant step toward making it virtually impossible to recover your data without paying the ransom.

In response to the threat, Apple has revoked the security certificate that KeRanger takes advantage of, and has updated its XProtect antivirus software. Transmission has also removed the infected versions of its installer from its website. Still, those who already have unknowingly downloaded the Transmission installer between March 4th and 5th 2016 may be affected by KeRanger. If you want to know more about how to identify if you’re affected by KeRanger, you can review how to protect yourself on Palo Alto Networks’ site.

As is the case with most other ransomware, decrypting the files on your own is nearly impossible. This is how hackers make their money off of ransomware; they play to the fear that users won’t be getting their data back. This is the reason why we always advocate that you take preventative steps to lessen the chances of your data falling victim to ransomware. Implementing a solid security solution is a great way to do so, and you should generally avoid torrenting files in the office anyway; it’s especially important that your employees understand this, too.

In the case of ransomware, the most important thing to remember is that you need to prevent your systems from getting infected before anything else. Otherwise, you risk everything. To make sure your systems are properly protected, give Preferred a call at 708-781-7110.

Tip of the Week: 4 Brilliant Ways to Get More Work...
New Technology Delivers Staggering Data Retention ...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, December 11 2023

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      I hate to be the bearer of bad news, but when it comes to cybersecurity threats it’s kind of hard not to be. I used to look at it from two sides; one side is fascinated at the innovation and intensely brutal ways that high-end cyberattacks work, and the other side of me lose...

      Latest News

      Preferred is rated Best Places to Work - 3 Consecutive Years!

      Preferred has been named as one of the Best Places to Work in Illinois in 2020, 2021 and 2022. The awards program began in 2006 and is promoted by The Daily Herald Business Ledger in partnership with the Illinois Chamber of Commerce, MRA-The Management Association, the Small Business Advocacy Council and Best Companies Group.