Apple Users Targeted With Widescale Ransomware Campaign For First Time

Image courtesy of Ed Uthman

For decades, many Apple users have bragged about their computers not being targeted by viruses and malware in the way that Windows-based computers were. But over the weekend, hackers launched what is believed to be the first widespread ransomware campaign against Mac computers.

Unlike typical viruses, which seek to damage a computer or erase data, ransomware locks down the data on a device until the user pays up to regain access to their computer.

Reuters and 9to5Mac report that the “KeRanger” or “KeyRanger” ransomware began showing up on Apple computers on Friday. Users are acquiring the malware through a tainted version (v. 2.90) of a file-sharing program called Transmission.

After a few days of lying dormant, the ransomware encrypts the infected computer’s files and demands a payment of one Bitcoin, which is currently valued at around $409.

Because of the dormant period in the ransomware, computers that were infected over the weekend may not yet be locked down.

Apple responded to the news of the attack by revoking the the digital certificate that enabled the software to install itself on Macs, while Transmission removed the infected software from its website. A subsequent release (v. 2.92) of Transmission claims to automatically remove the ransomware.

First OS X ransomware detected in the wild, will maliciously encrypt hard drives on infected Macs (updated: how to fix) [9to5Mac]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.