Bitorrent Client Transmission Infected With KeRanger Malware
Mac Bit Torrent clients are a bit thin on the ground with Transmission being one of the most popular and widespread in use today. However it's been announced that anyone who downloaded 2.90 on March 4th might have been infected with the “OSX.KeRanger.A” ransomware. An in app update gives the following message;
Read Immediately!!!! Everyone running 2.90 on OS X should immediately upgrade to and run 2.92, as they may have downloaded a malware-infected file. This new version will make sure that the “OSX.KeRanger.A” ransomware (more information available here) is correctly removed from your computer. Users of 2.91 should also immediately upgrade to and run 2.92. Even though 2.91 was never infected, it did not automatically remove the malware-infected file. 2.90 App Changes * Improved compatibility with modern OS X * Several bug fixes * We're still alive!
The security brief from Paloatonetworks gives a great run down of what this ransomware does and how it does what it does.
It's important to point out that the Mac is still a safe platform until you start punching holes in GateKeeper. In Security & Privacy -> General the safest bet is to stick with Mac App store and Identified developers. Opening it up past that and well, you get the situation where an update containing a malicious payload can end up on your machine.
If you must download your "backups" from places then take the time and learn all about newsgroups. Not only are these files normally safer but you'll pretty much download at the full speed of your connection.