Ransomware is a growing risk on Macs

Ransomware in particular and malware in general have long been seen by consumers, device makers and members of the cyber security community as threats that predominantly target Microsoft Windows-based PCs. This view is understandable.

Through the first quarter of 2016, Apple had only 7.4 percent global market share in PCs, according to IDC. While this number represents years of growth in Mac sales, it is still small compared to the number of Windows machines shipped by all other manufacturers. Even after setting aside the specific platform differences between Windows and macOS, there are simply far more PCs than Macs out there, making the former into more appealing targets of cyber attacks.

However, this does not mean that Macs are immune to malware. On the contrary, the recent rise in Mac market share as well as the growing synergy between macOS and iOS (the operating system of iPhones and iPads) has inspired a new wave of Mac-centric attacks. Let’s look at how ransomware has been a particularly active frontier for the energies of today’s cybercriminals.

Bad Transmission: How a torrent client revealed the Mac’s vulnerability to ransomware

Ever since the Mac App Store launched with OS X Snow Leopard in 2009, Mac owners have had several options for installing programs to their computers. They can restrict themselves to apps from the Mac App Store (all of which are prescreened by Apple), use that store plus any applications they get from around the internet that are made by Apple-identified developers or just download anything. The latter is the riskiest, but there is danger even from the second option, as the case of Transmission demonstrates.

Transmission is a popular open source torrenting client for Mac. Somehow, its website – from which anyone can download the app – was compromised briefly in early 2016, allowing a virus to be packaged with Transmission. Once downloaded, the virus would lie dormant for three days before opening a Tor connection to the internet, locking essential system files and demanding a ransom of 1 bitcoin (about $400).

Granted, the circumstances surrounding the Transmission incident are not easily replicable or even conducive to widespread exploitation across the macOS ecosystem. The exploit was not as simple as blasting out a bunch of phishing emails, but instead required end users to download the app at a specific time and actually run the program so that the virus could activate via Transmission’s features.

Cyber security lessons from the Transmission breach

The ultimate impact of the Transmission virus was limited. However, the event holds some important lessons for both Mac, PC and mobile users:

1. Don’t assume your platform is safe
A compromised torrent client should not have needed to be the security wake-up call for Mac users. Many past threats have demonstrated the risk to macOS, from the FAKEAV scam (which packaged malware under a variety of names such as MacSweeper and MacProtector) to the Flashback family of Trojans that targeted weakness in Java and Adobe Flash Player. Both of these were documented years ago by Trend Micro.

2. It is getting easier for threats to go cross-platform
According to Intel security research architect Craig Schmugar (who recently spoke to eSecurity Planet), cyber criminals are now sharing the source code for their malware, making it easier than ever for threats to migrate from PC to Mac. Compared to PC malware, Mac variants are still relatively simple, but with the right mix of design and delivery, they can inflict harm, as the Transmission flaw revealed.

3. Ransomware and executable files are especially problematic
There are plenty of ways for a Mac to get infected with malware. However, two of the most common as of 2016 are ransomware and any executable files that have been tampered with. DMG, PKG and AppleScript files are all worth keeping an eye on. Ransomware issues with Transmission and KeRanger demonstrate that it is possible to take a Mac’s file “hostage” and demand payment for their safe return.

Like any computing platform, macOS has its fair share of vulnerabilities to cyber crime. Don’t leave your Mac’s security to chance. Invest in security software today.

Ransomware : Don’t become a victim. Here’s how to stay safe.

Ransomware–don’t be its next victim. Learn how to stay safe online.

With the introduction of “WannaCry” ransomware in May, ransomware has captured the attention of all those who use the Internet to shop, communicate and just about everything else. The consequences of ransomware are so real that everyone should get protected.

What is ransomware?

It’s malware that locks down your files and keeps you from accessing them until you pay a ransom. Depending on the type of ransomware, that ransom could be anything of value that can be digitally transferred from Bitcoins to iTunes gift cards. If you paid the ransom the villains may release your files, but there are no guarantees.

You’ve probably heard how ransomware has attacked businesses and their operations (Equifax of late), but individuals are a major target as well. Unlike businesses most people don’t have the know-how to get rid of the ransomware on their own and often end up paying to get their data back. Therefore, you have to focus on prevention.

Given its potential impact, here are three important facts on ransomware you should understand as you take steps to protect yourself and your files.

Phishing Is the source of most ransomware

Most ransomware attacks come from phishing emails. There’s a good chance that those sketchy-looking messages pretending to be from your bank or another company contain some type of malware, and it could be ransomware. Your best bet? Use security software to block phishing emails, and if any slip through, ignore and delete.

Hackers target out-of-date software

Getting those notices to update your computer or mobile device software can be annoying, but hackers are constantly looking for vulnerabilities that they can exploit in software. Ransomware is most likely to take hold on devices don’t aren’t running the most up-to-date versions of software. Installing updates can mean the difference between an infected device and blissful ignorance of malware.

All connected devices are at risk

Finally, it’s not just your computer that’s at risk for ransomware. Any connected devices — smartphones, tablets, even your smart TV or thermostat. That’s right — hackers could hold your thermostat hostage, raising or lowering the temperature by a few degrees for every hour you don’t pay.