This week two new ransomware attacks have been detected, affecting both Mac and PC users. Ransomware has been a popular criminal business model targeting Windows users for while now, but a new ransomware, called KeRanger, is the first to specifically target Mac OS X machines. Meanwhile, in the world of Windows, PETYA, is a new and well-disguised ransomware affecting many unsuspecting victims.
What is ransomware?
Ransomware is a kind of a malware which imposes a lockout, preventing you from being able to use your computer until you pay a ransom or risk having your data completely wiped after the lockout period.
Both KeRanger and PETYA give victims a lockout window before total data destruction, demanding a ransom of 1 bitcoin to be paid (approximately 560.23 AUD at the time of writing).
Am I at risk?
The KeRanger malware was first discovered in rogue versions of Transmission, a popular BitTorrent client. Shortly after the discovery, Transmission requested all users running the version immediately upgrade or delete their copy, in case they have downloaded a malware-infected file.The attack is another demonstration of the risks involved with peer to peer file sharing, such as bit torrent. Whilst this particular attack has been limited to the Transmission bit torrent client, it is now not so hard to expect that future attacks may be spread through other file and email methods.
For Mac users, now is the time to be more vigilant about opening email attachments and website downloads.
For those of you on PC, although ransomware is not new, it is now hiding in otherwise legitimate places! The nasty new ransomware, PETYA had been found disguised in an email disguised as a Job Applicant’s CV. The email links to a Dropbox folder containing the applicant’s ‘Curriculum Vitae’ which instead downloads the malicious file.
What can I do about it?
For our clients with a Mac Aid Monitoring service, a report will be received if you have been affected by ransomware so that it can be resolved as soon as possible.