KeRanger Mac Ransomware Based On Linux Forebear, Not Windows

An anonymous reader writes: It appears that the KeRanger ransomware that's been tormenting Mac users for the past days is actually based on a ransomware variant that targets Linux servers, and not on a ransomware family coming from Windows. That particular Linux ransomware is also based on an open-source ransomware called Hidden Tear that was uploaded to GitHub by a Turkish security researcher. So obviously, the conclusion is that GitHub is to blame for the KeRanger Mac ransomware. (Note to readers: That last bit is tongue in anonymous cheek.)

Re:Well Duh Max OS is Based on Linux

[nawcom]

Mac OS X was based on NeXTSTEP which predates Linux, and NeXTSTEP was based on 4.3FreeBSD and CMU Mach.

Re: Linux ransomware torments Mac users?

[samkass]

In this case, by someone hacking the installer to a BitTorrent client, hacking the server that distributes it, and signing it with a valid Apple developer cert and swapping their version in. Then hoping no one notices until the few days pass before it does its job and triggers. That last part didn't happen. Apple patched the built-in anti-malware, the company released a new version that removes the malware, and it was only downloaded about 6,500 times before disappearing. Unless any of those machines stayed completely off the internet in that time, it probably didn't strike anyone in the wild. That's what bein "tormented" by a Trojan Horse looks like on the Mac.

Ah, The Reactionary GOTOs

[cmholm]

this seem to be linked to regrowth of political correctness and sheepish acceptance of so called 'liberal', elitist, ideology by the western young . bankrupt irrational ideas can't tolerate humor that show their absurdity.

And the lickspittles of the conservative elite bleat whatever cliches their paymasters order up.

Blow me, reactionary mouthpiece.