If you are a Mac user like me, loving to download torrents via the transmission software then you will receive this warning message at the opening of Transmission !
KeRanger is a ransomware that aims to encrypt the hard drive of the users and then ask them for money to decrypt it. If they do not pay, their data will be lost.
KeRanger has emerged with the application Transmission, the most popular client for download torrents on Mac. Version 2.90 has been infected with ransomware, some users have been affected without knowing .
Users likely to be victims of KeRanger are those who downloaded the version 2.90 of the Transmission software on the 4th or 5th of March.
Three days after infection, this is where KeRanger strike and demand a ransom from the user by encrypting the files from his computer to bar him access.
Once installed, KeRanger will search for approximately 300 different file types and encrypt any it finds. The malware will then display a ransom message, demanding that the victim pay 1 Bitcoin (approximately US$408). Payment is made using a website on the anonymous Tor network .
Apple announced to be aware of ransomware and has already revoked the certificate from a legitimate developer who has allowed installation of KeRanger on Mac.
How to Know your are infected ?
Open a Terminal or use the Finder to search /Applications/Transmission.app/Contents/Resources/General.rtf or /Volumes/Transmission/Transmission.app/Contents/Resources/General.rtf files. If present, the transmission application is infected and it is highly advisable to remove.
These are the screenshots of my own Transmission . Since I used Transmission 2.84 release , I’ m not infected, For infected computers the file General.rtf must be present between these blue lines !
Are you infected ? Sure to download the 2.92 version that will remove the malware!