Home Tech Apple computers hit by ransomware for the first time

Apple computers hit by ransomware for the first time


A virus that locks users out of their computer until a ransom is paid has been discovered on Apple devices for the first time.

A piece of rogue software called KeRanger has succeeded in infecting a number of Mac computers, making files stored on the device inaccessible. It then demands payment of one bitcoin – the virtual currency and worth around £280 – to return control of the files.

Apple MacBook laptop
(Dominic Lipinski/PA)

Security researchers from Palo Alto Networks first reported the virus, which is known as ransomware, saying they believed it to be the “first fully functional ransomware seen on the OS X platform”, on which Apple laptop and desktop products run.

Apple has long prided itself on its computers’ supposed lack of vulnerability to many viruses, broadly staying free of major issues.

The malware was hidden inside a popular piece of software called Transmission, which is used to transfer data on peer-to-peer sharing site BitTorrent. Palo Alto Networks said users who downloaded version 2.90 of the software on Friday were infected with the ransomware, which stays dormant for three days before beginning to lock files using encryption, asking for the ransom in order to release them.

It is believed that as the malware became available on Friday, those who downloaded it then would begin to encounter problems on Monday unless an update was installed.

The security firm also said they had reported the issue to Apple, adding that the technology giant has since fixed the vulnerability in their systems by revoking a digital certificate that allowed the software to be installed in the first place. Transmission has also removed the malicious download from its website.

Palo Alto Networks’ intelligence director Ryan Olson told Reuters: “This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom.”

Ransomware, among other malicious software, has long been known to target users of fellow desktop software Microsoft Windows, generating millions of pounds a year for cyber criminals.