Warning: First Fully Functional OS X Ransomware Targets Mac Users

Over the weekend, hackers managed to infect the open source Transmission BitTorrent app with the first fully functional ransomware seen on OS X, reports Palo Alto Networks.Dubbed ‘KeRanger’, the ransomware was inserted into two installers of Transmission 2.9 on March 4th. It’s unclear how the files were replaced with infected versions but the website may have been compromised.The KeRanger application was signed with a valid Mac app development certificate; therefore, it was able to bypass Apple’s Gatekeeper protection. If a user installs the infected apps, an embedded executable file is run on the system. KeRanger then waits for for three days before connecting with command and control (C2) servers over the Tor anonymizer network. The malware then begins encrypting certain types of document and data files on the system. After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to a specific address to retrieve their files. Additionally, KeRanger appears to still be under active development and it seems the malware is also attempting to encrypt Time Machine backup files to prevent victims from recovering their back-up data.Share Article:Facebook,   Twitter,   LinkedIn,   Google Plus,   Email,   Reddit,   Digg,   Delicious,   StumbleUponFollow iClarified:Facebook,   Twitter,   LinkedIn,   Google Plus,   Newsletter,   App Store,   YouTubeAdvertise Here

Source: iClarified Read More: Warning: First Fully Functional OS X Ransomware Targets Mac Users