It was probably the first time that the hackers have successfully targeted the users of Apple Inc. (NASDAQ:AAPL) Mac with its ‘ransomware’. It was believed to be a campaign against the tech bellwether’s OS. Ransomware was nothing but malicious software, which has been raising its head most recently and stole the user files, as well as, the data before encrypting it. Then, it asks the user to pay money to get the stolen files and data decrypted.
Discovered The Threat On Friday
On Friday, Palo Alto Networks Inc (NYSE:PANW) discovered the specific ransomware called as ‘KeRanger’ that targeted Apple Inc. (NASDAQ:AAPL)’s Mac users. The company explained the way the malware was infecting the systems. A file of ‘BitTorrent’ software called ‘Transmission’ was impacted with KeRanger. As a result, the moment the users of Mac were downloading the recent version, the malware gets installed onto their PC.
In a blog, Palo Alto Networks Inc (NYSE:PANW) said that Transmission was an open source project. Therefore, it said that it was quite possible that its official website was corrupted and that the files got replaced with re-compiled malicious versions. However, the company indicated that it was not in a position to confirm the way the infection might have happened. As soon as KeRanger gets installed on a Mac machine, it waits for three days and then carries out the attack. First, the malware starts encrypting some documents, as well as, data files on a system. Once that was completed, KeRanger demands a ransom of one Bitcoin from the victim, which was equal to more than $400.
Bypassed Security Check
It might have been intriguing to know that the ransomware bypassed Apple Inc. (NASDAQ:AAPL)’s security checks, which are considered to be strong. Most importantly, the tech firm’s OS was signed with a valid app development system thus fooling the X OS into thinking that it was a genuine software piece.
For its part, Palo Alto Networks Inc (NYSE:PANW) has alerted Apple Inc. (NASDAQ:AAPL) on Friday, and the tech firm revoked the ‘abused certificate’. As a result, the iPhone maker also updated its antivirus software. Similarly, Transmission has also revoked the malware software from its software.