2012Apple CEO Tim Cook describes new models of the iMac desktop computers during an Apple event in San Jose, California October 23, 2012
2012Apple CEO Tim Cook describes new models of the iMac desktop computers during an Apple event in San Jose, California October 23, 2012

KeRanger ransomware: Apple Macs hit by malicious software attack for the first time ever

Ransomware is malicious software that hijacks a computer and won’t give its owner access until a fee is paid

Andrew Griffin
Monday 07 March 2016 10:13
Comments

Mac users have been hit by “ransomware”, one of the most dangerous and malicious kinds of software, for the first known time.

The newly-discovered “KeRanger” attacks encrypts all of the data on machines that it gains access to, and then forces their owners to pay so that they can re-gain access to the device.

The tools are already hugely popular, generating hundreds of millions of dollars for the cyber-criminals that use them. But KeRanger is the first time that Apple’s computers, which are often more resilient to cyber threats, are known to have been affected.

KeRanger forces people affected by it to pay $400 per computer to get access to their files. As with many such attacks, the hackers actually require payment in Bitcoin, which makes it harder to trace the attackers.

If people don’t pay the charge and don’t get their computers cleaned, they might start losing access to the files installed on them soon. That could happen even if they have knowingly been presented with the ransom demand.

The software made its way onto Apple computers through the Transmission BitTorrent client. That software is used for downloading torrents, but the new release of the software also came with the dangerous files bundled in.

The makers of Transmission released a new version of the software that automatically removes the malware from computers that it’s installed on. It advised users to install the software as soon as possible.

Apple chief attacks FBI probes

Apple told Reuters that it had taken steps to stop the software working. It had revoked a digital certificate that allowed the software to install itself on computers, the company said.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in