New Ransomware Virus Attacks Apple Computers

Though Apple is famous for its easy to use computers and extensive security, the company suffered a setback this past week with its first ever “ransomware” attack. Hackers who have yet to be identified infected multiple versions of Apple’s “Transmission” program. Transmission is a tool that allows Mac users to transfer data to one another by way of a BitTorrent file sharing network. The presence of ransomware is quite the shocking news for Mac users who had grown accustomed to superior performance and security compared to PC users. After all, those Apple computers they purchased did not come cheap.

Apple Ransomware

About Ransomware

The ransomware attack on Apple computers was first spotted by Palo Alto Networks on OS X. The malicious software was identified on March 4th. Palo Alto Networks reported the problem to Apple right away in an effort to limit the hack’s damage. Though Apple officials did not make themselves available for immediate comment, company executives have reported that they have taken extensive attempts to safeguard users’ machines. Ransomware is best described as a nasty software designed by malevolent hackers to hijack a computer and lock out the user until he pays the requested ransom. This program, called KeRanger, demands that its victims pay a Bitcoin to have their files returned. This might not sound too harsh on the surface until you find out that a single Bitcoin costs more than $400.

How the Attack Occurred

The ransomware attack infected two unique versions of Transmission. According to Palo Alto Networks, the attack represents the first ever functional edition of ransomware that has been identified on Apple operating systems. Yet it is unclear as to how the malicious software was uploaded in the first place. Those who work in the cyber security industry have weighed in on the attack. Most point to the commonly used method of infiltrating legitimate applications to plant the ransomware. Palo Alto Networks posted a statement on its blog stating that it might be possible that hackers compromised Transmission’s website and replaced the files with new malicious versions.

The Extent of Ransomware’s Damage

A developer who refused to identify himself reported that the ransomware has been downloaded in excess of 6,000 times before Apple personnel could contain the malicious software. Later, John Clay, a spokesman for the open source Transmission tool, reported that the ransomware was downloaded around 6,500 times. It’s quite a moderate impact compared to ransomware attacks of the past. Ransomware infections on hardware running Microsoft’s Windows operating system number in the millions. According to Symantec, one of the leading cyber security companies, nearly 9 million computers with Windows operating systems were attacked in 2014 alone.

The Response

Clay reports that the regular disk image was removed and a compromised one was put in its place. Clay states that the server security “…has since been increased”. Apple representatives later revealed that the company worked as quickly as possible to prevent more infections. One preventative method that it employed was revoking the digital certificate that made it possible for the malicious software to be installed on Mac computers in the first place. Transmission responded to the attack by eliminating the 2.90 version of the software from the company’s website. It then released a new version, 2.92. According to a statement posted on Transmission’s website, this new version of the software will automatically remove the virus from infected computers.

The Ransomware Attack Represents More Bad News for Apple

Though Apple products have skyrocketed in popularity over the past few decades, the ransomware attack is the latest in a long string of security snafus for the popular computer and phone maker. The security of Apple products is currently being questioned. The tech giant is embroiled in a heated conflict with the United States government over whether the company should unlock smartphones of terrorists and others who are characterized as threats to national security. There is no doubt that the company is in desperate need of a public relations boost.

Skip to content