First Known Ransomware Threat for Apple Mac Users

Information Security experts warn that a new OS X Ransomware has targeted Apple Mac users with malicious software that will hijack their computer and demand that a payment is made for devices to be unlocked.

According to Palo Alto Networks Research Centre, they detected that the “Transmission BitTorrent ailient installer for OS X was infected with ransomware,” and they have named the malicious software – KeRanger.

KeRanger poses a serious threat to Mac users as the application is signed with a valid Mac app development certificate, meaning that it can bypass Apple’s Gatekeeper protection.

Security experts, Claud Xiao and Jin Chen found KeRanger in a version of the Transmission BitTorrent program.

Due to Transmission being an “open-source’ app, Xiao and Chen claim that “it’s possible that Transmission’s official website was compromised and the files were replaced by re-compiled malicious versions.”

The malware asks victims to pay one bitcoin – around $400 through a Tor network website to decrypt the files. The website will then redirect victims to buy a bitcoin from somewhere else and transfer the funds to the attacker.

Last month, Ransomware made headlines when hackers demanded that a Los Angeles hospital pay 40 bitcoins – currently worth $16,664, when they had taken full control of the hospital’s network and critical data.

Hollywood Presbyterian Medical Center’s CEO, Allen Stefanek paid the ransom as he claims it was in “the best interest of the hospital and the most efficient way to solve the problem.”

While Apple has made every effort to move swiftly to control the Ransomware, if users have downloaded the infected version of Transmission Project they are advised to immediately restore their Mac system and backup to before they were infected.


This content has recently been ported from its original home on The Iris and may have formatting errors – images may not be showing up, or duplicated, and galleries may not be working. We are slowly fixing these issue. If you spot any major malfunctions making it impossible to read the content, however, please let us know at editor AT