New Ransomware on Mac

[fletcher]

I just read an article announcing that there has been a ransomware attack on Mac computers, spread through Transmission.

I have used Transmission to download several torrents over the last few days. I know that Linux is not Apple, but they do have similarities.

Would a fresh back-up of my system be a good idea? Or do the gurus think I have nothing to worry about?

I am not a power user, just a casual Linux fan. Running Mint 17.2 Cinnamon with no dual boot at the moment. Don't want to seem paranoid, but also do not want to be in danger.

Any advice/help is appreciated.

[Habitual]

Would a fresh back-up of my system be a good idea?

Run, don't walk.
Test your backups. Don't wait for disaster.

[Pjotr]

You should *always* have backups of your important documents etc., no matter what.

Apart from that: no worries. This particular incident concerns only the Mac version, and on top of that only the Mac version which was downloaded straight from the Transmission website.

Thank God for our official software sources, is what I always say....

[fletcher]

Apart from that: no worries. This particular incident concerns only the Mac version, and on top of that only the Mac version which was downloaded straight from the Transmission website.:

Thanks for the info. I thought that was probably the case, but I wanted to double-check. The article that I saw about the ransomware was on a news blog, not a tech blog, so they did not give a lot of detail.

[chrisuk]

Here's a more technical description of the attack, and some details of the code used:

http://researchcenter.paloaltonetworks. ... installer/

[Ark987]

As said always backup no matter what.

Talking about that the situation is getting a bit scary now, it is basically the same type of attack used on Mint. Looks like they are realizing that web servers are at the moment the weakest link in the chain so they may become frenzy replacing installer from popular projects. It seems that in the near future we shouldn't download anything at all

[chrisuk]

As said always backup no matter what.

Talking about that the situation is getting a bit scary now, it is basically the same type of attack used on Mint. Looks like they are realizing that web servers are at the moment the weakest link in the chain so they may become frenzy replacing installer from popular projects. It seems that in the near future we shouldn't download anything at all

I agree that it's more of a concern than it used to be. Many years ago the "cracking" side was more for running botnets of fileservers; it wasn't often for financial reward, more for the props on various boards/communities/irc networks etc. Not saying it wasn't a bad thing, millions used fileservers on IRC for their TV episodes - Movies - Latest Software - Music; many were fileservers themselves, but they didn't know it There's been other things between then and now, but none that can affect every person with an Internet connection... Mobile Phone - Tablet - Laptop - PC... well, unless you count the Government

But it's not kids in their bedrooms now, it's criminal gangs, and it's all about money. Even Police Departments and Hospitals are paying the ransom... and many more pay and tell nobody.

All you can do is use the safest OS (Linux... at this moment in time), use safe browsing habits, don't install from anywhere except the Repositories, and backup everything regularly (I backup after any changes to my system, including any changes to Home)... oh, and hope it's not you next

[Portreve]

Well, if you look at all the malware that has EVER come out for the Mac OS X platform since its release in 2001 vs the list for Windows over the same period, it's a pretty stark, day-and-night kind of thing.

I agree with the comments here up-thread that you should ALWAYS have your data backed up. I'm not particularly sympathetic for those who don't.

[LinuxJim]

I know that Linux is not Apple, but they do have similarities.

Yes. OS X is simply BSD under the hood.

Would a fresh back-up of my system be a good idea?

That's *always* a good idea. Manditory if your data is valuable to you.

Or do the gurus think I have nothing to worry about?

From this particular attack? No, there is nothing to worry about as the crack uses hard-coded paths to plant code into OS X's kernel services. These paths don't exist on Linux. But, it's simply a matter of time before the next one comes out that DOES affect Linux. The only way to combat ransomware is to have valid and recent backups.

[Pjotr]

The only way to combat ransomware is to have valid and recent backups.

..... and to stick to the official repo's.