Thursday, March 10, 2016

Linux is behind KeRanger, the ransomware which targeted Mac – Digital Zone

Ransomware dubbed KeRanger by cybersecurity experts at Palo Alto Networks has been discovered on Apple computers. According to experts at Bitdefender, it appears to come from Linux.Encoder.

Cybersecurity researchers at Palo Alto Networks have recently discovered ransomware called KeRanger. It was found in "Drive", a torrent downloader. Ransomware is malware that blocks targeted computers until the owner pays a ransom. For KeRanger, this ransom was $400. Such ransomware usually targets the Microsoft OS and brings in several hundred million dollars a year to pirates.

According to Bitdefender Labs, it appears to be a derivative of the malware commonly known as Linux.Encoder, which targets Linux distributions. Security experts from the company studied KeRanger and found that it appears to be a derivative of malware that has plagued Linux systems over the last few months. The hackers who used KeRanger could also be the same as those behind Linux.Encoder.

Cosoi, head of Bitdefender security, says KeRanger is almost identical to the current version of Linux.Encoder. He states: "The encryption functions are identical and have the same names: encrypt_file, recursive_task, currentTimestamp and createDaemon, to mention a few. The encryption routine is identical to that used in Linux.Encoder." This ransomware targeting Linux servers is reportedly the fourth version of the malware, which has been improved over time.

Ryan Olson of Palo Alto Networks stated that KeRanger was the first ransomware-type virus to attack Apple's OS X operating system. He indicated that once the virus is present on the computer, it stays idle for three days and then starts to encrypt the data. The documents are then locked, and recovering them requires paying 1 bitcoin, corresponding to 400 dollars. After its three days of inactivity, KeRanger connects to its control servers via the Tor network.

Following the discovery of KeRanger, Apple revoked the certificate used by the software to prevent the malware from spreading among its customers. According to the group, fewer than 7,000 customers were affected by KeRanger. People who have been victims of this malware should therefore be able to recover their data without having to pay any fee.

Published March 10, 2016 – 8:30 by Francois Giraud
