Ransomware on mac
The way anybody can inspect and edit the code of open-source projects like Transmission and Linux Mint may make them easier targets, Intego’s Kelly said.
RANSOMWARE ON MAC SOFTWARE
As Olson wrote in an e-mail: “Attackers know that being embedded in legitimate software helps them infect more people.”įor example, a few weeks ago attackers uploaded a compromised download of an entire operating system - Linux Mint, a beginner-friendly version of the open-source Linux software - and hacked the real thing’s site to point to the poisoned version. Online thieves will keep trying this tactic because it works.
RANSOMWARE ON MAC HOW TO
We all totally know how to do that, right?) (Ryan Olson, director of threat intelligence at Palo Alto Networks, said a firewall configured to block the anonymous and encrypted Tor network that KeRanger employed to get its encryption key would also have worked. “That’s quite likely to squeak by a lot of users.” “The only way for a user to notice this is to notice something fishy about the owner of the certificate when they install,” wrote Steve Kelly, president of the Mac-security firm Intego. If that line of defense leaks, good luck spotting anything awry.
RANSOMWARE ON MAC ANDROID
(Historically, Google’s Android worked in a similar way, but in the last couple of years it’s added automated and human malware screening.) Because we don’t have time to run a background check on every app developer, we count on systems like Gatekeeper to filter out the evil ones. (It’s possible for users to circumvent that system with a right-click, which is both easy and sometimes necessary in order to run apps from small shops.) But whoever posted the poisoned version of Transmission was able to sign it anyway by using another developer’s certificate.Īn attack like this works because it takes advantage of a key rule for staying safe online: Don’t talk to strangers. In the Transmission case (which was first reported by Palo Alto Networks), the attackers hacked the developers’ site and posted a compromised version of that app containing code that Palo Alto christened “KeRanger.”īy default, OS X’s Gatekeeper security only allows apps signed by their developers with digital certificates issued by Apple to run. But this winter, the Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of 40 bitcoin - about $17,000 - after unspecified ransomware infected its network. The ransom often “only” costs from one to three bitcoin. If you don’t knuckle under in time, the attackers delete the key, and your data’s gone.
Windows users are all too familiar with the ransomware routine, in which malicious code silently encrypts files on your computer and its attached drives and then gives you a few days to pay for a key to unlock them.