That means that if Apple’s steps prove ineffective in neutralising malware that has already infected Macs, the earliest victims will have their files encrypted on Monday, three days after the malicious program first appeared on the Transmission website, he said. The malware is programmed to encrypt files on an infected personal computer three days after the original infection, according to Olson. The representative said he could not immediately provide other details. “This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Olson said in a telephone interview with Reuters.Īn Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs. Ryan Olson, threat intelligence director at Palo Alto, said the “KeRanger” malware, which appeared on Friday 4 March, was the first functioning ransomware attacking Apple’s Mac computers. Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft’s Windows operating system.
