The world has been recently swept by a malware bug that has crippled businesses and government organizations in different parts of the world. This ransom malware is known as WannaCry and has affected over 200,000 computers in supposedly 150 countries. Windows PCs are vulnerable to this ransomware especially the older operating systems like Windows XP and Windows 7 that don’t have up-to-date security updates. This vulnerability is related to the implementation of the Server Message Block (SMB) by Microsoft. Fortunately, it seems that Windows 10 wasn’t vulnerable to the attack.
The popularity of bitcoins has made ransom malware a favorite crime of hackers. It means they can monetize their attacks from dazed victims who badly want their data back. While the spread of the malware has significantly slowed down upon the discovery of the kill switch, it does not mean that the worst is over because Macs seem susceptible too now.
Give us your money, or else: Mac users and their computers aren’t immune from ransom-demanding malware after all, as a first so-called ransomware attack was detected by the security researchers at Palo Alto Networks last week.
Mac owners who installed the Transmission BitTorrent client last Friday or Saturday may have infected their machines with a malware program called KeRanger that may attempt to encrypt some of their personal files. The app then displays a ransom note, asking users to pay around $400 to get access to these files again.
Ransomware attacks like these are nothing new for users of Windows PCs, where a number of similar programs have been attacking users for some time. Ransomware programmers typically hide their tracks by asking to be paid in Bitcoin, their apps are often hard to detect by antivirus software.
It seems that the target of hackers isn’t individual computer users but more on businesses and organizations that have the capacity to pay the ransom they are asking for. The world may have been blown away by the WannaCry attack but it appears that Mac users must also be wary of the KeRanger malware because Mac computers aren’t immune to malware after all.
Unplug and disconnect storage
The one example of effective ransomware seen on a Mac so far - KeRanger - also attempted to encrypt Time Machine backups, to try to make it impossible for the user to simply restore files from a backup.
Therefore, upon discovering your Mac has been infected by ransomware you should minimise the possibility of backups becoming encrypted too by immediately unplugging any removable storage like external hard disks, and disconnecting from any network shares by clicking the eject icon alongside their entries in the sidebar of Finder.
Are Macs affected by WannaCry?
Put simply, no. WannaCry takes advantage of a bug in Microsoft Windows' network file sharing system, a technology called SMB. Once WannaCry gets onto a single computer on the network - usually because an individual opened a rogue email attachment - it then uses a bug in SMB to inject itself into all other computers on the network that haven't been patched.
Macs also use SMB as the default network file sharing technology, so you might initially think Macs could be affected too. However, Apple uses its own bespoke implementation of SMB. While this is fully compatible with Microsoft's version, it doesn't suffer from the same bugs or security holes, so isn't affected by WannaCry - or at least not in WannaCry's current manifestation.
If you want to ensure your Mac computer stays protected from any ransomware attack, try installing the app, RansomWhere?. It is actually a free app that silently watches out for any signs of encryption in the background. Upon detection, it stops the encryption process and lets you know about it.
Other precautions that are actually pure common sense includes not opening malicious email attachments, avoiding dodgy software, regularly updating your system, and making sure you only install from official websites. Ensuring you back up your data is also a great way to give you the peace of mind knowing you have the same copy of the files that were just encrypted, so no need to worry about paying the ludicrous ransom at all.
If you want to know more about Mac Data Recovery services, check this link http://www.harddriverecovery.org/mac-data-recovery/ for more details. Hard drives are crucial components of your PC for they store all your important data. You wouldn’t want anything bad to happen to it. If you can’t afford to buy a backup, just make sure you know of a hard drive recovery service company to help you out such as this: http://www.harddriverecovery.org/hard-drive-recovery-service.html/. If you are clueless as to who to hire, you don’t have to look elsewhere because we can take care of your problem for you at a price you can afford.
Macs Are New Ransomware Targets was first published on Hard Drive Recovery Group Blog