I disagree. The optics of "the first Mac ransomware" has made this all about Apple and quite possibly may be something that affects the reputation of the Mac brand for quite a while.

Regardless, my response was simply saying "that's not likely" to the question "what if the 'fixed' version of Transmission was hacked like the 'bad' version?"

If users install a trojan from an insecure 3rd party website, that's not Apple's fault. There is literally nothing Apple can do to prevent that, short of locking down the OS so much that it's impossible to install software on Macs.
 
If users install a trojan from an insecure 3rd party website, that's not Apple's fault. There is literally nothing Apple can do to prevent that, short of locking down the OS so much that it's impossible to install software on Macs.

But reality and perceptions differ which is what he was alluding to. There really isn't anything Apple can do but if this makes rounds outside of the tech media they're going to have to at least make a statement. People think their boxes are immune to this type of stuff and the education needs to come from Apple directly.
 
Let's not try and deny that 99.5% of torrent use is for porn :)

To be fair, some of that porn is shared without the permission of copyright holders. I've heard about shall we say less-socially-acceptable porn companies essentially blackmailing porn pirates into very large settlements to avoid the embarrassment of a court date in which their particular fetish or sexual orientation will become part of the public record. They're worse than the RIAA claiming millions of dollars of lost revenue from a few songs.
 
This incident shows the opposite. The certificate is not the same that is usually used by the developers of Transmission. Likely it was stolen from a legit developer.
Let's never lock anything, because keys might be stolen and used by criminals!
 
Doesn't this situation make you very angry at Apple? It's all Apple's fault.

We have to deal with this crap because of Apple and Apple alone. Why? Mac App Store.

Not only is the MAS terrible as an app itself, those stupid restrictions that even Apple doesn't respect (see Xcode) only mean that Mac users won't get a trustworthy download/install/update/uninstall method and a single trustworthy place to get their software from.

Transmission is one of those apps that make a Mac "worthy". A true classic app. Beautiful, lightweight, great functional interface.

It's time for our stores to get the "native" treatment (iTunes too) and for Apple to change their policies not only what is/isn't allowed as an app, but what permissions/restrictions the app gets.

Then, we can have a single, trustworthy, place to download software from.

Unless this was sarcasm, I fail to see how this is Apple's fault. In fact, it would be hard to push malware through the MAS, if those blokes are scrutinising each app submission correctly. So, as a matter of fact, MAS is a way forward, not backward, as we can have Apple looking at the apps properly before releasing them to the public, instead of having the public download from the wild internet with attached malware.
 
This is the problem code signing is designed to solve.

The code is certified by a trusted third party (e.g., Apple App Store) or at the very least signed with a certificate that is owned by a trusted developer (e.g., for non-app store apps you still sign your code with a certificate issued by a trusted third party like Apple or Microsoft in the case of Windows). If the developer is found to be doing dodgy stuff, the CA revokes their certificate and then the code no longer runs.

This is the plus side of code signing, the need to re-download all your OS X installers if the certificates expire is the downside.

I'll take code signing thanks.

Do you know how easy it is to get valid code signing? I've got dozens of them from Apple. And one can easily sign up and $99 later they have a valid signature.

In the time it takes them to revoke it, these guys can be on to the next one. And at $400 to unlock each infected machine, they can make up that $99 real quick (and that's if they don't use fake credit cards to obtain the signature in the first place).

It's far from being a totally safe way to go. We saw this malware get installed with valid code signing, what makes you think that others can't be too?
 

This weekend, a notice appeared on Transmissionbt.com warning users that version 2.90 of the popular Mac BitTorrent client downloaded from their site may have been infected with malware. The warning reads:

Reuters reports that the infected download contained the first "Ransomware" found on the Mac platform. Ransomware is a type of malware that encrypts a user's hard drive and demands payment in order to unencrypt it. This type of attack has been increasingly popular on the PC, but this is the first time it has been seen on the Mac.

According to Reuters, Apple is aware of the issue and has already revoked "a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs."

The malware in question is said to delay encrypting the user's hard drive for 3 days, so we may see the first reports of those affected as early as Monday. Transmissionbt.com offers instructions on how to see if you are affected (above). If you don't use the Transmission software, there is nothing you need to do at this time.

Update: Technical details about the malware.

Update 2: Transmissionbt.com says version 2.92 of Transmission will actively remove the malware.

Article Link: First Mac Ransomware Found in Transmission BitTorrent Client

I noticed that when I checked the version via finder the version showed 2.90. I launch the app and do an about, it shows 2.92. MAKE SURE YOU DOUBLE CHECK!!!!

MACMAD
 
I noticed that when I checked the version via finder the version showed 2.90. I launch the app and do an about, it shows 2.92. MAKE SURE YOU DOUBLE CHECK!!!!

MACMAD

I just installed 2.92 and the about window shows the version as 2.92. But the finder shows 2.91...
 
KPandian1 said:

"Are we sure this is not an act by the DOJ or its lackeys (ex. FBI) paying Apple a sample of things to come?

After all the download is from the app's legitimate site - you just have to force/bribe one person inside!

This is meant as a talking point - hope it is not anywhere close to reality!"

That makes absolutely no sense. Apple has nothing at all to do with this story.

Yes, I know. I specifically printed " ... from the app's legitimate site ... ", not Apple! The "... paying Apple ..." means payback by the offended USA governments.

Blame is squarely on the app's (the application's) website - from where people are downloading the ransom-ware.

Do you see anything in my post that blames "Apple", the iPhone, Mac company that writes the software?
 
Can't really blame Apple for data loss if you
(a) Don't make regular backups
(b) Install bit torrent clients (from a website no less) Which have little or no legitimate use other than piracy

This is hilarious. The Apple defence people sure are quick to draw their guns in defence of Apple these days. Nobody is blaming Apple for this ransomware. It is important for users to be aware it is out there so they can take appropriate actions. But informing people it exists is not attacking your precious Apple. You can calm down a little bit.

Reading TheHorrorNerd's posting history is funny though. This is a guy who defended Apple on the Error 53 bricking. He attacks MacRumors for posting about the HoloLens because a non-Apple thread offends him so much he can't just ignore it. He even says people who had their phone bricked by the 1970 bug should take accountability because it's not Apple who bricked it.

Every post in his history is just pure blind defence of Apple no matter how wrong Apple is. All I can do is feel sorry for the guy.
 
to be expected when people use BitTorrent, I have zero sympathy for people who pirate stuff!

Bit Torrent is just a file transmission protocol that has far more uses outside of just pirating. Many larger, open source projects use bittorrent to help assist with their distribution of media.

Most Linux sources are now available via BitTorrent. This is an ideal solution since many Linux variants are education sponsored and don't have significant capital to support a standard web distribution model.

While most people who don't understand computing very well, might say something like this, you are fundamentally misunderstanding the intention of BitTorrent and other Peer 2 Peer file transmission protocols.
 
Do we now agree with Apple wanting everything sand boxed on the mac app store?
Now that this vulnerability is public you can bet that every hacker will be looking to break into servers and inject code somehow into software that people download on the mac.

There are lots of apps that contain open source components, what if those components have bad code added in as well?

I'm not sure why an app like Transmission needs root access or access beyond its own set of files and a download area. It could operate fine being sand boxed. That would be the best protection. That's why you never hear about anything like that happening on iOS, it just can't.

It's in the Mac App Store guidelines:

18.4. Apps that enable illegal file sharing will be rejected

Transmission has an option that lets it automatically add .torrent files without you having to do it yourself. This comes in useful if you're downloading a lot of things all at once - Legal uses... Humble Bundles and Archive.org stuff. I don't know if that would be easy to make happen in a sandbox considering apps like Alfred had to change to get in the MAS. Sandboxing is fine in most cases, but it doesn't make sense in a lot of cases either.

Open source code is open source, you can read everything that's going to be in the build you make.

Any website can be attacked. Apple, your bank, governments, etc aren't 100% safe from this either.
 
Absolutely no word from the Transmission developers on how their app download got infected?

That's a bit concerning.

Nothing at all it seems. Even on their forums the responses are very brief and link to Paloalto or the updated version. This is a major security issue for which they are fully responsible. If it came from their servers, they are to blame. It is as simple as that. They ought to have come up with a press release explaining how this could have happened and at least a public apology. This could have serious repercussions for them.
 
Bit Torrent is just a file transmission protocol that has far more uses outside of just pirating. Many larger, open source projects use bittorrent to help assist with their distribution of media.

Most Linux sources are now available via BitTorrent. This is an ideal solution since many Linux variants are education sponsored and don't have significant capital to support a standard web distribution model.

While most people who don't understand computing very well, might say something like this, you are fundamentally misunderstanding the intention of BitTorrent and other Peer 2 Peer file transmission protocols.
Could you explain why someone using OSX would need to worry about downloading Linux? If I were to be interested in using Linux I would grab a PC and stick it on to that. Linux is a great project and long may it live, but why would you put an open source project on your Mac if you were remotely worried about security?
 
I've been using transmission since July 1/14. No issues?? Does Malwarebytes work on this? Just looked, and I'm using version 2.84(14306).
Yes, MalwareBytes has been updated to address this, but since you are still on 2.84 and never updated to 2.90, you are not infected.
 
Can't really blame Apple for data loss if you
(...)
(b) Install bit torrent clients (from a website no less) Which have little or no legitimate use other than piracy

"from a website no less"?? Where do you get your software?
CDs from magazines? Ah, no, wait, they've been infected before.
Maybe App stores? Ah, no, they've been infected before – and the ones that still didn't WILL eventually, that's the nature of software.
Or do you just use the software that came with your computer? Oh, but those have also been infected before!

As for the "no legitimate use": I hope the rock under which you live is a beautiful one.
 