First ransomware for OS X was discovered during the past days, it being thought to encrypt data from Macs and ask them for money for decrypting said data, this method being used for years on the Windows platform by hackers.
application BitTorrent Transmission is the one affected by this ransomware, a malware called KeyRanger being discovered in some versions of this application, encrypting Mac HDDs 3 days after installation and asking for money to provide access to data.
The problem is so big that the Apple company has updated the list of malware for the system Gatekeeper so all versions of the Transmission application that have been reported to Apple as infected have been blocked and can no longer be installed on Macs.
The KeyRanger malware is the first type of ransomware that was discovered for Apple's OS X platform, and IT security experts do not recommend those infected to pay the amounts of money demanded by hackers for data decryption.
Palo Alto Threat Intelligence Director Ryan Olson said the "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers. An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs.
The analysis of this malware revealed the fact that until the moment of data encryption it is present in the Activity Monitor under the name kernel_service, the hackers disguising it as a system service to fool users investigating a possible infection.
Those who are infected but do not have encrypted data must restore to a previous backup of OS X made before installing the Transmission application, the same procedure being recommended for those infected.
