Apple Mac computers are regarded as the most secured device which doesn’t get penetrated by the wide numbers of malwares easily. For so long Apple Mac devices were touted to be most secured personal computers in the world however a recent discovery cautions the Apple users about a dangerous ransomware threatening the Mac devices. Security researchers has confirmed that they had found first-ever ransomware attack which is actively targeting the Mac devices and it is extremely serious in nature. It has also been found that the ransomware is propagating through the use of torrenting software.

Using torrent brings ransomware to Mac devices

The presence of the ransomware was first detected by the security researchers at Palo Alto Networks on Friday. This ransomware has been named as KeRanger and it comes embedded in the popular BitTorrent client on the Apple Mac devices called Transmission. Ransomware targeting Apple devices like Mac isn’t a new case as Kaspersky Lab has also discovered the same in 2014.

How does this ransomware work?

This ransomware comes carefully hidden with the infected versions of the Transmission. Once a user has installed it on the computer then ‘ransomware’ rises from its slumber and starts taking over the system. In the beginning it remains dormant showing no signs but as soon as some files are downloaded using torrents, this ransomware stats encryption of some of the core files of the Mac system which helps in overtaking the computer system.


This ransomware has been named KeRanger and after the completion of the encryption process it will ask victim to pay in just one bitcoin which equals to $400. Only after the payment of one bitcoin users will be able to retrieve the file encrypted by the KeRanger. Security researchers had also stated that the KeRanger is also attempting to encrypt the Time Machine backup files in Mac which will take away the chance of recovering the back-up data.

How KeRanger breached the Mac OS X security

The security researchers at Palo Alto Networks have made Apple and the Transmission Project aware of the Ke Ranger ransom ware. Apple security engineers came into action and revoked the security certificate which was being exploited by the ransom ware. Apple has even updated its XProtect antivirus software usually found in the Mac devices to further counter the emergence and exploits of the KeRanger in a effective manner.

On other hand Transmission has even removed the affected version of the BitTorrent installer from their website in order to reign in the spread of KeRanger.

Security researchers have slammed the opensource torrent application called Transmission for the undue rise and spread of the KeRanger. Transmission is volunteer based project where a wide range of people come from all across the globe to enhance the potential and features of the transmission. It is very likely that the files were compromised and even replaced by malicious versions by the attackers in order to exploit the security loophole in Mac devices.