The first ransomware to hit OS X is being distributed through the popular torrent app Transmission. It’s not being download through malicious files like you might think, instead it’s being download alongside the 2.90 update of the app. The app hasn’t been updated for nearly 2 years, but changed when the developers announced version 2.90 with support for the latest versions of OS X, a list of improvements, and bug fixes.
The update came as the Transmission website was compromised. The update brings the first case of ransomware, which holds your files and photos hostage. The malicious software dubbed KeRanger doesn’t start causing havoc for three days after being installed. When KeRanger springs into action the software holds your files hostage until you pay the 1 bitcoin (about $400) ransom. The software also attempts to encrypt your Time Machine backups to make restoring to a previous version impossible.
Transmission offered a simple fix by updating the app to 2.9.2, which removes the ransomware and gives users access back to their files. If you’ve updated to 2.90 or 2.9.1 you should upgrade the client to 2.9.2 to be sure your computer won’t be infected.
While this is the first case of ransomware of OS X, and likely won’t be the last time we see malicious software, it’s not foretelling the future of OS X being riddled with malware like Windows has been. The Transmission app didn’t install through the Mac app store, which would have meant Apple would have screened the software for any issues. While the local news outlets are saying even Mac users aren’t safe, it’s unlikely you’ll see any malware if you download from the app store and software you know like Google Chrome or Adobe Creative Cloud.