Call Us Today! 636-557-7777   security@omegaatc.com  |  Get started now! |       STAY RESILIENT®

Lately, ransomware has been a popular cyber threat costing victims to pay a ransom to reclaim their data, or go time-consuming methods to remove the malware. Some of us have personally gone through the experiences of seeing flashing or dark screens on our computers with some alerts on the next steps to be able to regain normalcy.

Macs were the only ones not affected until now, and the ransomware has targeted OS X operating systems.

“As security researchers from Palo Alto Networks claim to have discovered the very first known instance of OS X ransomware in the wild, called “KeRanger” attacking Apple’s Macintosh computers”, firm’s Threat Intelligence Director Ryan Olson told Reuters.

‘The KeRanger ransomware, which appeared on Friday, comes bundled into the popular Mac appTransmission, a free and open-source BitTorrent client for Mac with Millions of active users. Once the KeRanger malware gets embedded, it asks the victim to pay 1 Bitcoin (~ $410) as the ransom amount to allow him/her to decrypt the hard disk and regain access to their important files. The malware imposes a 72-hour lockout window unless the payment is made.’

Though it is still unclear how the hackers managed to compromise the app and upload the infected files, it is believed that the hackers managed to hack the Transmission website as the site was served via HTTP rather than HTTPS.

Check for the existence of the following in your machines to get rid of the malware:

  • /Applications/Transmission.app/Contents/Resources/General.rtf
  • /Volumes/Transmission/Transmission.app/Contents/Resources/ General.rtf

If even one of these files exist, then the machine has been infected. You machines would need to be upgraded to Version 2.92 of Transmission so the malware can be removed. The good news is, right now KeRanger has been found only in the Transmission app for Mac.

Read more here on this news item. Through Omega’s solutions, integrated anti-virus and anti-malware are automatically updated across stores on Windows machines. Call 636-557-7777, or email Security@OmegaSecure.com.