The first ransomware campaign against Macintosh computers took place this weekend, according to Palo Alto Networks researchers.
Ransomware encrypts data on infected machines, and then demands the victim pay a ransom to retrieve the data from their device. The money is paid using hard-to-trace digital currencies. Experts estimate that cybercriminals earn millions of dollars from these types of campaigns.
Windows operating systems are usually the target of ransomware, and Palo Alto Threat Intelligence Director Ryan Olson said the “KeRanger” malware was the first to target Macs.
“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Olson said in a telephone interview with Reuters.
Hackers were able to infect Macs through a program named Transmission, which allows users to transfer data through the BitTorrent peer-to-peer file sharing network. Transmission released version 2.90 on Friday, and when users downloaded the update, their machines were infected with KeRanger.
Transmission has announced that it removed the malicious version of the software from its website, and released version 2.92 on Sunday, which automatically removes the ransomware. The company urges users to immediately install the new version if they believe they have been infected.
An Apple representative said they have revoked the digital certificate that was enabling the software to install on Macs.