This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

First real OS X ransomware

researchcenter.paloaltonetworks.com/.../

Developer certificate revoked for this one, and now supposedly cataloged in XProtect (however, my latest 10.8 XProtect is still showing 2/10 for last update--maybe doesn't affect 10.8?), but no reason to think it will stop with Transmission or other torrent clients. Will most likely move on to other kinds of downloads,/programs, not just torrent clients. $99 for Apple code signing certificate from Apple is cheap. The cost of doing business-- a trifle compared to the haul they can make in a few days before the certificate is revoked. As soon as one is revoked, they will just get another.


At the moment, can't gain persistence, but expect that won't last long. And probably won't take long before anyone can buy this as a kit.

Will Sophos stay on top of this, now and through the inevitable variations, and protect?



This thread was automatically locked due to age.
Parents Reply Children
No Data