[Updated 7th March 2016:
- Additional commentary by Graham Cluley for Intego – Mac Users Hit by Rare Ransomware Attack, Spread via Transmission BitTorrent App
- Darren Pauli for The Register – First working Apple Mac ransomware infects Transmission BitTorrent app downloads: If you downloaded 2.90, you’ve got a few hours to get rid of it.
- By David Bisson for Tripwire: Fully Functional Ransomware Targeting OS X Users.
- By Peter Stancik/Anton Cherepanov for ESET: New Mac ransomware appears: KeRanger, spread via Transmission app.
According to a ComputerWorld story, (and confirmed elsewhere) Apple has revoked the certificate of the compromised version of BitTorrent client Transmission and updated Xprotect.]
Palo Alto reported on March 6th that New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer: they believe this to be ‘the first fully functional ransomware seen on the OS X platform.’ At any rate, it looks like a capable piece of malware. According to fortune.com, Palo Alto plans ‘to release a blog advising Mac users on ways to check to see if they were infected with the virus and steps they can take to protect against it harming their data’.
Info also added to the Mac Virus blog and the AVIEN ransomware resource page. More info as the story develops, if time allows.
The AVIEN Portal 