Pre-KeRanger Mac Ransomware

While working on an internal project at ESET, I came across an article I wrote for Information Security Magazine back in 2013: Mac Ransomware Deviating from the (java)script.

With the recent kerfuffle about KeRanger, it’s interesting to recall one of its (rare) precursors on the OS X platform. In this case, there wasn’t actually a malicious executable as such, and the whole system wasn’t really locked, even though a pop-up told the victim that his or her browser was locked and that ‘ALL PC DATA WILL BE DETAINED AND CRIMINAL PROCEDURES WILL BE INITIATED AGAINST YOU IF THE FINE WILL NOT BE PAID.’ However, the pop-up did make it very difficult to quit Safari, which was probably scarier than it sounds for the victims.

The story was based on an article by Jérôme Segura for Malwarebytes. Irritatingly, there doesn’t seem to be a link in my article, but this looks like Jérôme‘s article: FBI Ransomware Now Targeting Apple’s Mac OS X Users

The present article was also published on Mac Virus.

David Harley

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.