KeRanger takes the claim of being the first fully functional ransomware program targeting users of Apple Macintosh computers and laptops. KeRanger is capable of encrypting a Mac user’s data and then demanding a ransom of 1 Bitcoin, which equals about $400, in order to provide the user with a key to unlock the data.
The initial strain of KeRanger is designed to encrypt more than 300 different file types on Mac computers, and it replaces these file with encrypted versions. KeRanger waits three days after installation to begin the encryption cycle, in an attempt to evade some antivirus tools from detecting KeRanger as a malicious file.
KeRanger Discovered in Transmission Bittorrent Update
KeRanger appeared in the wild on March 4, 2016, as part of the latest version of the open-source Transmission BitTorrent client. The malware was identified within six hours of the update, and the Transmission project was able to post a warning on its website alerting users to download and upgrade to version 2.92, as the earlier version 2.90 release contained the OSX.KeRanger.A ransomware.
Fortunately, this gave users of version 2.90 time to upgrade Transmission and uninstall KeRanger before it started its encryption routine, which minimized the potential damage KeRanger could have inflicted on many Mac OS X users.
Incomplete FileCoder Ransomware Preceded KeRanger
While KeRanger takes the claim as the first functional Mac ransomware piece of malware, it’s not the first ransomware attempt initiated against Mac OS X users. An unfinished piece of ransomware dubbed FileCoder was discovered by antivirus firm Kaspersky Lab in June 2014. FileCoder appeared to have been an early test version of a malware program that had not been completed.
Stay up to date on the latest developments in Internet terminology with a free weekly newsletter from Webopedia. Join to subscribe now.
Like everything in technology, AI touches on so many other trends, like self-driving cars and automation, and Big Data and the Internet of Things... Read More »DevOp's Role in Application Security
As organizations rush to release new applications, security appears to be getting short shrift. DevSecOps is a new approach that holds promise. Read More »Slideshow: Easy Editorial SEO Tips to Boost Traffic
This slideshow reviews five easy on-page editorial SEO tips to help drive organic search engine traffic, including the page title, heading,... Read More »
Java is a high-level programming language. This guide describes the basics of Java, providing an overview of syntax, variables, data types and... Read More »Java Basics, Part 2
This second Study Guide describes the basics of Java, providing an overview of operators, modifiers and control Structures. Read More »The 7 Layers of the OSI Model
The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers. Use this handy guide to compare... Read More »