Please review your OS X deployments and patch accordingly.
This is an interesting response by Patrick Wardle to the threat of KeRanger and other OS X ransomware instances. I am thrilled to see some movement made in the direction strengthening detection and remediation of OS X issues.
This was completely expected, but yet I am sure there are still many users out there that believe the OS X platform is impervious to virus and malware attacks. Mac users have only slid under the radar because of a smaller, and therefore, less lucrative target environment for cyber criminals. Ransomware is not as much about volume. It is about users willing to pay for decryption keys. These attacks will only increase over time. Be prepared.
This article explains a continuing problem with OS X Gatekeeper, a feature in Apple’s OS designed to protect against the loading of malicious and unsigned application code. Apple is claiming that patches to this point have been “targeted” and that a more comprehensive patch is coming, but I interpret that as “we haven’t figured out how to solve the problem, so we are going to dabble around the edges until a real solution is available.”
Call it what you will – a sign of the times, an inevitability, a sign that Apple has real traction in the desktop space – but malware is alive and well in the world of OS X and VirusTotal is taking this fact seriously.
This is yet another frightening attack vector making the rounds. It is particularly scary because most Mac users consider themselves impervious to virus and malware infection and rarely employ A/V solutions on their devices. iOS users are also less diligent when it comes to monitoring their devices for suspicious software. I am curious how vulnerable the Apple App Store commonly accessed in the US is to this attack.