HACKINTOSH.ORG | Macintosh discussion forums

Macintosh News => iPhone/iPod/iPad News => Topic started by: HCK on March 07, 2016, 09:00:24 am



Title: First working 'ransomware' on OS X released via Transmission BitTorrent client
Post by: HCK on March 07, 2016, 09:00:24 am
First working 'ransomware' on OS X released via Transmission BitTorrent client

OS X now has an example of "ransomware". A security firm has discovered that an earlier version of the Transmission BitTorrent client installer was infected with what they are calling the "KeRanger" ransomware. It's the first time a fully working version of this kind of malware has been found out in the open for OS X. According to Palo Alto Networks, KeRanger was first detected on March 4: The KeRanger application was signed with a valid Mac app development certificate; therefore, it was able to bypass Apple's Gatekeeper protection. If a user installs the infected apps, an embedded executable file is run on the system. KeRanger then waits for for three days before connecting with command and control (C2) servers over the Tor anonymizer network. The malware then begins encrypting certain types of document and data files on the system. After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to a specific address to retrieve their files...<br clear='all'/>

<a href="http://rc.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/rc/1/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/rc/1/rc.img" border="0"/>[/url]

<a href="http://rc.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/rc/2/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/rc/2/rc.img" border="0"/>[/url]

<a href="http://rc.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/rc/3/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/rc/3/rc.img" border="0"/>[/url]

<img src="http://da.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/a2.img" border="0"/> (http://da.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/a2.htm)<img width="1" height="1" src="http://pi.feedsportal.com/r/247393867551/u/49/f/616881/c/33998/s/4e129d63/sc/28/a2t.img" border="0"/><img width='1' height='1' src='(http://tipb.com.feedsportal.com/c/33998/f/616881/s/4e129d63/sc/28/mf.gif)' border='0'/>

Source: First working 'ransomware' on OS X released via Transmission BitTorrent client (http://feedproxy.google.com/~r/TheIphoneBlog/~3/PBtRAvcOrbY/story01.htm)