Slashdot Mirror

← Back to Stories (view on slashdot.org)

Transmission BitTorrent App Contained Malware (cnbc.com)

Posted by BeauHD on from the late-to-the-party dept.

An anonymous reader writes: Apple users were targeted in the first known Mac ransomware campaign. Hackers targeted Transmission, which is one of the most popular Mac applications used to download software, videos, music, and other data from the BitTorrent peer-to-peer information sharing network. As per this forum post (English screenshot of warning), OS X detected malware called OSX.KeRanger.A. This is the first one in the wild that is functional as it encrypts your files and seeks a ransom. An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs.

2 of 109 comments (clear)

  1. Digital certs don't make your software secure by NotInHere · · Score: 3, Interesting

    In fact, in this case probably it was the contrary. I guess the developer was not part of the developer team for transmission, but external. If it were easy to package software for macs without having to pay lots of fees, the dev team could have done it themselves. Apple really should give free dev licenses to free software developers, to help fight abuse. Github does something like that too.

    1. Re:Digital certs don't make your software secure by butzwonker · · Score: 3, Interesting

      It can be exorbitant for small developers in combination with the other requirements. You also need to buy Macs every 3-5 five years in order to be able to stay afloat as a developer. Let's say you only update your machine every 5 years (a bit optimistic). Then a realistic estimate for the real development costs is USD 99 x 5 + USD 1300 MacBook Pro 13 + USD 249 Apple Care for MacBook Pro 13 for a total of USD 2044 / 5 years or USD 409 per year, not including any software, online storage and backup, web services, backup software and storage, etc. For serious business these costs are no problem. For small shareware and occasional developers these costs can be prohibitive. They certainly are the reason why I don't develop for Apple. And don't forget that Apple additionally takes 30% of all your revenue as opposed to 10 - 16 percent that ordinary payment services take, so the real costs for individual developers are much higher.