Sign in with Microsoft

This week, there’s more proof that every users of Mac OS need to be as vigilant as Windows users when it comes to locking down their computers.

Security researchers have picked up on one more reason to make sure every operating system has some form of internet security on it this week, with Mac OS X getting infected with ransomware.

If you’re unfamiliar with the term, “ransomware” is a nasty little piece security exploit that when opened looks at files you might be commonly using and locks them down, encrypting them in such a way whereby you’ll need to actually pay a ransom in order to get the key to unlock them.

Paying that ransom doesn’t always work, though, and so ransomware can be highly destructive, with security researchers often suggesting to never pay the ransom and to delete the security issue, relying on backups for files if you are infected.

Not getting infected by ransomware is always going to be the best approach, however, and that’s where internet security solutions come into play.

In the past year or two since ransomware popped up on the scene, Windows and Android have generally been the targets, but researchers this week at Palo Alto Networks have found that Mac OS is now in the sights of cybercriminals, with a piece of software including a ransomware variant inside.

According to the folks at Palo Alto Networks, a BitTorrent application named “Transmission” included the ransomware virus “KeRanger”, which according to its researchers would sit on a computer for three days before doing anything and unleashing its payload, which encrypts files on a computer and then asks for payment before unlocking them.

While it’s bad that a security exploit was found to work on a Mac, it’s worse that it happened with a real version of the torrenting application, though we’re told Transmission’s developers were on it pretty quickly, restoring regular virus-less versions of the app.

Now we’re not going to debate the valid reasons for using torrenting programs because there definitely are some, though we’d hazard a guess that the majority of people relying on torrenting are perhaps using the apps for some less than legal options, if not some downloads that stray into grey areas.

If you are doing this, internet security is vital for lots of reasons, with tracking, port cracking, and fake files being some of the main reasons.

The Mac ransomware infection of a torrenting app, however, just cements this need even more, and while Apple was also on guard quickly, revoking access to the certificate the virus was taking advantage of, it still highlights the need for security software on every platform, Mac included.

“Although this particular attack was quickly shut down, we may potentially see a new wave of similar attacks in the near future,” said Joji Hamada from Symantec’s Security Response team.

“It’s always important to take caution when installing software downloaded from the internet,” said Hamada.


It might even be worth pulling apart the KeRanger threat a little more, with one of Symantec’s rivals Bitdefender chiming in with an analysis of its own, discovering that the exploit offers a very similar build to another virus that has been plaguing Linux users.