New Ransomware on Mac

Chat about just about anything else
Post Reply
fletcher
Level 3
Level 3
Posts: 179
Joined: Thu Oct 15, 2009 2:11 pm
Contact:

New Ransomware on Mac

Post by fletcher »

I just read an article announcing that there has been a ransomware attack on Mac computers, spread through Transmission.

I have used Transmission to download several torrents over the last few days. I know that Linux is not Apple, but they do have similarities.

Would a fresh back-up of my system be a good idea? Or do the gurus think I have nothing to worry about?

I am not a power user, just a casual Linux fan. Running Mint 17.2 Cinnamon with no dual boot at the moment. Don't want to seem paranoid, but also do not want to be in danger.

Any advice/help is appreciated.

Habitual
Level 13
Level 13
Posts: 4865
Joined: Sun Nov 21, 2010 8:31 pm
Location: 0.0.0.0

Re: New Ransomware on Mac

Post by Habitual »

fletcher wrote:Would a fresh back-up of my system be a good idea?
Run, don't walk.
Test your backups. Don't wait for disaster.

User avatar
Pjotr
Level 21
Level 21
Posts: 14351
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: New Ransomware on Mac

Post by Pjotr »

You should *always* have backups of your important documents etc., no matter what.

Apart from that: no worries. This particular incident concerns only the Mac version, and on top of that only the Mac version which was downloaded straight from the Transmission website.

Thank God for our official software sources, is what I always say.... :mrgreen:
Tip: 10 things to do after installing Linux Mint 19.3 Tricia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

fletcher
Level 3
Level 3
Posts: 179
Joined: Thu Oct 15, 2009 2:11 pm
Contact:

Re: New Ransomware on Mac

Post by fletcher »

Pjotr wrote:Apart from that: no worries. This particular incident concerns only the Mac version, and on top of that only the Mac version which was downloaded straight from the Transmission website.:
Thanks for the info. I thought that was probably the case, but I wanted to double-check. The article that I saw about the ransomware was on a news blog, not a tech blog, so they did not give a lot of detail.

User avatar
chrisuk
Level 5
Level 5
Posts: 592
Joined: Thu Jun 12, 2008 6:16 am

Re: New Ransomware on Mac

Post by chrisuk »

Here's a more technical description of the attack, and some details of the code used:

http://researchcenter.paloaltonetworks. ... installer/
Chris

Manjaro MATE - MX Linux - LMDE MATE

Ark987
Level 4
Level 4
Posts: 352
Joined: Tue Apr 07, 2015 4:20 am

Re: New Ransomware on Mac

Post by Ark987 »

As said always backup no matter what.

Talking about that the situation is getting a bit scary now, it is basically the same type of attack used on Mint. Looks like they are realizing that web servers are at the moment the weakest link in the chain so they may become frenzy replacing installer from popular projects. It seems that in the near future we shouldn't download anything at all :?

User avatar
chrisuk
Level 5
Level 5
Posts: 592
Joined: Thu Jun 12, 2008 6:16 am

Re: New Ransomware on Mac

Post by chrisuk »

Ark987 wrote:As said always backup no matter what.

Talking about that the situation is getting a bit scary now, it is basically the same type of attack used on Mint. Looks like they are realizing that web servers are at the moment the weakest link in the chain so they may become frenzy replacing installer from popular projects. It seems that in the near future we shouldn't download anything at all :?
I agree that it's more of a concern than it used to be. Many years ago the "cracking" side was more for running botnets of fileservers; it wasn't often for financial reward, more for the props on various boards/communities/irc networks etc. Not saying it wasn't a bad thing, millions used fileservers on IRC for their TV episodes - Movies - Latest Software - Music; many were fileservers themselves, but they didn't know it ;) There's been other things between then and now, but none that can affect every person with an Internet connection... Mobile Phone - Tablet - Laptop - PC... well, unless you count the Government ;)

But it's not kids in their bedrooms now, it's criminal gangs, and it's all about money. Even Police Departments and Hospitals are paying the ransom... and many more pay and tell nobody.

All you can do is use the safest OS (Linux... at this moment in time), use safe browsing habits, don't install from anywhere except the Repositories, and backup everything regularly (I backup after any changes to my system, including any changes to Home)... oh, and hope it's not you next ;)
Chris

Manjaro MATE - MX Linux - LMDE MATE

User avatar
Portreve
Level 8
Level 8
Posts: 2422
Joined: Mon Apr 18, 2011 12:03 am
Location: Florida
Contact:

Re: New Ransomware on Mac

Post by Portreve »

Well, if you look at all the malware that has EVER come out for the Mac OS X platform since its release in 2001 vs the list for Windows over the same period, it's a pretty stark, day-and-night kind of thing.

I agree with the comments here up-thread that you should ALWAYS have your data backed up. I'm not particularly sympathetic for those who don't.
Please be polite and remember to mark your fixed problem [SOLVED].

Presently running Linux Mint Cinnamon 19.3.

Know when what you're doing is trying to fit a square peg in a round hole, and STOP.

Still looking for a new job.

User avatar
LinuxJim
Level 5
Level 5
Posts: 659
Joined: Tue Jan 26, 2016 8:01 pm
Location: Oregon, USA

Re: New Ransomware on Mac

Post by LinuxJim »

fletcher wrote: I know that Linux is not Apple, but they do have similarities.
Yes. OS X is simply BSD under the hood.
fletcher wrote:Would a fresh back-up of my system be a good idea?
That's *always* a good idea. Manditory if your data is valuable to you.
fletcher wrote:Or do the gurus think I have nothing to worry about?
From this particular attack? No, there is nothing to worry about as the crack uses hard-coded paths to plant code into OS X's kernel services. These paths don't exist on Linux. But, it's simply a matter of time before the next one comes out that DOES affect Linux. The only way to combat ransomware is to have valid and recent backups.

User avatar
Pjotr
Level 21
Level 21
Posts: 14351
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: New Ransomware on Mac

Post by Pjotr »

LinuxJim wrote:The only way to combat ransomware is to have valid and recent backups.
..... and to stick to the official repo's. :)
Tip: 10 things to do after installing Linux Mint 19.3 Tricia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

Post Reply

Return to “Open chat”