Malware Library. Threats targeting Macs.

Mac malware exists in all shapes and sizes and new digital parasites evolve every day. Whether it’s adware, trojan horses, keystroke loggers, viruses or other spyware, stay up-to-date and discover more information about the latest threats targeting your Mac here.

What Is Ransomware?

Ransomware, as its name implies, is a type of malware that tries to extort money from computer users by holding their systems ransom. One of the newest types of malware to hit the scene, ransomware is an attractive choice for cyber criminals because it presents them with a very clear means of making money off their victims. Ransomware preys on the idea that computer systems and everything they hold (documents, photos, financial records, mp3 files, etc.) are of such vital importance to most people that holding them ransom is an effective way of extorting cash.

What Does Ransomware Look Like?

How ransomware works and what part of your computer system it holds ransom can vary depending on the specific software. In most cases, though, a ransomware infection will follow a specific pattern. Once downloaded or installed on your system, the ransomware program will appear as an app or window on your computer screen. This app or window will inform you that your files have been locked or encrypted and that you can only open them by paying a ransom to buy the decryption key.

Like any other type of malware, ransomware can vary in presentation and implementation. Sometimes, these ransomware threats will be accompanied by a time limit. Perhaps there is a 24-hour countdown that gives infected users a brief window of time to pay up or face the consequences. In such cases, the “consequence” is often that that the ransomware program will permanently delete the user’s files if the ransom payment is not submitted within 24 hours.

In other situations, there will be no time limit, but the designer of the ransomware will have worked a bit harder to conceal their malicious intentions. For example, there have been ransomware programs in the past that posed as law enforcement agencies. These programs sent messages informing computer users that their systems had been linked to illegal activities such as piracy, child pornography, and more. Users were then told to pay fines for their supposed misdeeds or face arrest and other legal repercussions.

Where other types of malware are often used to damage or wreak havoc on personal, commercial, and government computer systems alike, the mission of ransomware is almost always to extort payments from its victims. The amount of money that ransomware programs demand from each victim varies from one program to the next, as does the method of payment. Usually, payment will be requested via a completely untraceable channel, such as a wire transfer or using a digital currency like Bitcoin.

A Brief History of Ransomware

Ransomware programs have been plaguing PC users for several years but are only recently becoming a pressing issue for Mac users. The first pieces of ransomware arrived in 1989, in the form of a Trojan horse called AIDS. However, while the ransomware concept has existed in some form or another for the better part of three decades, this type of malware didn’t become particularly commonplace until the 2010s. In 2012, the Reveton Trojan—one of the ransomware programs that posed as law enforcement agencies—began making the rounds in various different formats.

Since then, programs like CryptoLocker and Cryptowall have started using the encryption model to exploit computer users around the globe. Estimates indicate that the gang behind CryptoLocker extorted about $3 million by infecting people with the software while the FBI has put the damages of Cryptowall at about $18 million. More recently, the first piece of ransomware for Mac OS X was discovered in the wild. Named KeRanger, the ransomware arrived in a malicious build of the popular Transmission BitTorrent client, and it appears to be based off of the Linux.Encoder Trojan (https://labs.bitdefender.com/2016/03/keranger-is-actually-a-rewrite-of-linux-encoder/).

How to Defend Against Ransomware

The first step to keeping yourself protected against the ransomware threat is to consistently back up all of the files you have on your computer. Use external hard drives or cloud backup services to save all of your Word documents, photos, mp3 files, and other data somewhere away from your computer. That way, if you are infected, you will have a third alternative to the “pay or lose your files” dilemma.

Using updated antivirus and anti-malware software on your computer can also go a long way toward preventing ransomware infections from ever occurring. The companies behind the best anti-malware software will update their malware definitions on a regular basis, including the latest ransomware definitions. By keeping your anti-malware software up to date, then, you let it know which programs to look for and block from ever getting installed on your system.