We suggest terminating it with “Quit -> Force QuitĪpple has since revoked the abused certificate and updated XProtect anti-virus signature, and Transmission Project has removed the malicious installers from its website.
If so, the process is KeRanger’s main process. If so, double check the process, choose the “Open Files and Ports” and check whether there is a file name like “/Users//Library/kernel_service”. Using “Activity Monitor” preinstalled in OS X, check whether any process named “kernel_service” is running. Furthermore, the malicious downloads have now been removed from the Transmission website.Īs MacRumors reports, the software is alerting users with a bright red warning when the app informs them that an update is available:Įveryone running 2.90 on OS X should immediately upgrade to 2.91 or delete their copy of 2.90, as they may have downloaded a malware-infected file. Palo Alto’s research team report that Apple has now revoked the digital certificates that the malware attack was abusing, and updated the rudimentary XProtect anti-virus protection built into the OS X operating system. This new version will make sure that the “” ransomware (more information available here) is correctly removed from you computer. Because KeRanger waits three days before awaking, encrypting your documents and data files, contacting its command-and-control servers, and demanding a one bitcoin (approximately $400) ransom be paid for your data’s safe return.Īccording to the researchers, the KeRanger malware also attempts to encrypt Time Machine backup files, no doubt in an attempt to make it harder for victims to recover their precious data without paying the extortionists.Īnd don’t imagine that OS X’s built-in Gatekeeper protection would have saved you, as it appears that the poisoned KeRanger app was signed with a valid Mac app development certificate.Ī message on the official Transmission website confirms the threat to users, and advises that they “immediately upgrade” to version 2.92:Įveryone running 2.90 on OS X should immediately upgrade to 2.92, as they may have downloaded a malware-infected file.
The outcome is that if you were unfortunate enough to install Transmission 2.90 onto your Mac, your computer may now be the digital equivalent of ticking time bomb. It is believed that hackers managed to compromise the installer of Transmission version 2.90 on its download site on Friday, March 4, in order to spread ransomware that researchers at Palo Alto Research have dubbed “KeRanger.” Mac owners who use the open source Transmission BitTorrent client are being warned that a version of the installer was distributed via the app’s official website, infected with a new family of ransomware. Malware + Recommended + Security News Mac Users Hit by Rare Ransomware Attack, Spread via Transmission BitTorrent App
0 kommentar(er)
