Not long ago, the first instance of ransomware was designed to affect Macs. This was greeted with an even mix of shock, surprise and dismay among the ranks of Mac users, and it did a lot to dispel the Mac Mystique.
After all, it has been held as an article of faith that Macs are more secure than their Windows counterparts, and as proof, Mac users commonly held out the fact that their machines didn’t get hacked very often.
While there’s some truth to that, it’s also true that hackers tend to go after the low-hanging fruit first, and the simple truth has always been that there are orders of magnitude more Windows-based PCs in service than there are Macs. The relatively low number of them in use provided at least as much protection as the more robust security.
It was possible, and indeed hoped, that the recent discovery of ransomware infecting a Mac was something of an aberration, but now, a second strain has been discovered. That makes it the beginning of a trend.
If there’s a silver lining at all, it is the fact that this new strain, called Crypto (CryptoLocker in Windows), is rather poorly designed. Forbes called this KeRanger ransomware and reports that “the impact has been limited, with no more than 6,500 likely affected, representing a tiny portion of Apple Mac machines.”
It masquerades as a “crack,” which is a tool used by people to unlock full versions of commercial software. Cracks like these are wildly popular on various torrent sites, where end users download them to save money on a variety of software for business and personal use.
As soon as the user double-clicks the executable to get the unlock code, the software springs into action. But instead of locking each file individually, it copies them into an archived zip file, then deletes the originals.
Here’s the problem, though: The software doesn’t have a means of communicating back to the hacker, which means it can’t send the unlock key, which, in turn, means that even if you pay the ransom, you’ll never get your files back. The hackers simply don’t have the means to do it.