According to Wikipedia, ransomware is a type of malicious software that blocks access to the victim‘s data or threatens to delete it until a ransom is paid. Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading, or opening when it arrives a s an email attachment. However, one high profile example, the “WannaCry worm”, traveled automatically between computers without user interaction.
WannaCry ransomware crypto worm (detected by Trend Micro as RANSOMWANA.A and RANSOMWCRY.I) targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
It propagates using EternalBlue, and exploit of Windows’ Server Message Block (SMB) protocol. After the vulnerability was revealed by The Shadow Brokers, Microsoft became aware and issued a “critical” security patch on 14 March 2017 to remove the underlying vulnerability on supported versions of Windows, though many organizations had not yet applied it. By far, it has caused the infection of thousands of systems across multiple industries around the world and a loss of $1 billion.
There is no exception for Mac
Recently, researchers have detected new variants of malware that have been created specifically to target Apple computers. The ransomware that encrypts data and demands payment before files are released was created by some professional software engineers with “extensive experience” of creating working code. Those who wish to use either of the programs need to get in touch with these engineers to get customized “service”. The payments made by ransomware victims would be split between creators and their customers.
What should you do?
- Back up your files regularly and keep at least one of your backups offline.
- ALWAYS apply the latest update for your OS.
- Stay away from phishing websites and suspicious email attachments.
- DO NOT pay the ransom and seek professional help
Now, It’s time for Mac users to be careful with their cyber security.