Apple Has Shut Down the First Fully-Functional Mac OS X Ransomware

An anonymous reader writes: Apple has shut down what appears to have been the first, fully-functional ransomware targeting Mac computers. This particular form of cyber threat involves malware that encrypts the data on your personal computer so you can no longer access it. Afterwards, the hackers request that you pay them in a hard-to-trace digital currency — in this case, bitcoin — in order for you to retrieve your files. This ransomware, called KeRanger, was first reported by researchers at Palo Alto Networks. They also noted that Apple has now revoked the abused certificate that was used in the attack and updated its built-in anti-malware system XProtect with a new signature to protect customers.

Re:so much for the walled garden

[rsborg]

I thought certs where going to protect us from this mess. It is nice that Apple yanked this cert, but what is to stop another cert from being bought and used to do the same damn thing?

Nothing. However, what's good to know is that I no longer have to worry about this one - and the turnaround was pretty quick. Assuming Apple can keep up with any threats like this (it's not like they don't have enough money to justify it), it's just like doing a regular bit of weeding in your garden.

Re:Wouldn't it be great if....

[geekmux]

Software developers invested this much effort in finding legitimate uses for Bitcoin? Crapware like this only helps to reinforce the notion that Bitcoin is only used by the criminal underground.

Well, actually it reinforces the purpose of anonymous transactions.

Let's not sit here and pretend that cash transactions (a.k.a. the other side of the coin) are somehow not heavily relied upon within the criminal community, and for the exact same reasons that bitcoin is.

Criminal activity will be a side effect of anonymous transactions no matter the medium. What should concern us more is when anonymous transactions are made 100% illegal, even for legitimate privacy reasons.