A ransomware successfully infiltrated Mac products over the weekend, and it has been discovered that the virus is spreading through torrenting software.
Researchers at Palo Alto Networks found the ransomware in an OS X BitTorrent client called "Transmission" - a software that Apple users install to access torrent files. The malware has been dubbed "KeRanger."
Ransomware, known to attack Microsoft PCs the most, got its name because it takes over laptops or PCs and demands a ransom before the hacker returns access to the owner. On an estimate, this cybercrime activity has collectively cost people millions of dollars a year.
This is the first time that the malware has successfully infiltrated Apple products. "This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," said Ryan Olson, director for Palo Alto Threat Intelligence.
Mac users who have recently downloaded version 2.90 of "Transmission" are the most susceptible to the malware and should immediately update to the 2.92 version in order to stop the "KeRanger" from making its way to the product.
In order to determine if a Mac product is now prone to the infection and how one can get rid of the malware before it attacks, one can check the device for a file named "Applications/Transmission.app/Contents/Resources/ General.rtf" or "/Volumes/Transmission/Transmission.app/Contents/Resources/ General.rtf." If found, delete the file.
Also, If you find "Users//Library/kernel_service" in your Activity Monitor, force quit the process.
However, if the malware has already infected the device and paying the ransom is out of the question, one can opt to restore the hard drive using a Time Machine backup.
Palo Alto Labs has released a blog that further details how to remove the "KeRanger" from Apple products, as well as how to prevent it from infiltrating Apple devices in the future. The certificate used by the ransomware has also been revoked by Apple, and the people behind "Transmission" have also removed the infection on its end.
While the solution to the problem has been quickly provided by Mac, the incident has still scarred the company because the long-standing belief of its invulnerability to any kind of malware has finally been debunked.