A security research firm announced Sunday its discovery of what is believed to be the world’s first ransomware that specifically goes after OS X machines.
“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Ryan Olson, of Palo Alto Networks, told Reuters.
The KeRanger malware, which imposes a 72-hour lockout window unless the victim pays 1 bitcoin ($410 as of this writing), appears to have been first discovered via a rogue version of Transmission, a popular BitTorrent client.
For some time now, ransomware has primarily targeted Windows machines—threatening total data destruction if the ransom isn’t paid. Recently, even a Los Angeles hospital was infected, which resulted in the payment of a $17,000 ransom. In June 2015, the FBI said it had been contacted by 992 victims of CryptoWall, a similar ransomware scheme, who have sustained combined losses totaling over $18 million.
On Saturday evening, some Transmission users noticed the strange activity on a discussion board—users concluded that the 2.90 version of Transmission was infected with the ransomware. It appears that somehow the Transmission website may have been compromised as it was served via HTTP rather than the primary HTTPS Transmission website.