If you're big into BitTorrent, and you're a Mac user, here's hoping that you didn't grab a recently released version of the Transmission BitTorrent client for OS X. If so, you might have unknowingly infected your computer with the platform's first official ransomware.
Feature Spotlight: Uses fewer resources than other clients; Native Mac, GTK+ and Qt GUI clients; Daemon ideal for servers, embedded systems, and headless use; All these can be remote controlled by Web and Terminal clients; Local Peer Discovery; Full encryption, DHT.
According to Transmission's website, version 2.90 of the application contained the malware, and users are strongly encouraged to upgrade to version 2.91 (or delete their copy of 2.90) to avoid any issues it might cause. You can also do a little sleuthing yourself to see if the embedded ransomware, KeRanger, has hit your system. Just run through some of the steps listed in the 'how to protect yourself' portion of a new blog post from Palo Alto Networks' threat intelligence team, which details out the steps you'll need to take to clear yourself of KeRanger.
Transmission Bittorrent Client Windows
Free Download Manager. Free Download Manager is a multi-platform powerful modern download.
For the purposes of this guide, we're focusing on two BitTorrent clients: uTorrent for Windows and Transmission for Mac OS X. That doesn't mean you can't use other clients like Vuze (or KTorrent.
Transmission is a BitTorrent desktop client for macOS that comprises a plethora of useful download management tools. Working with Transmission should not raise any problems: the installation procedure is reduced to a simple drag and drop to the Applications folder, and the app’s main window provides.
Transmission Bittorrent Client Windows; Utorrent For Mac; Bittorrent For Mac; NOTE: The calculator will give a reading of '0' for download as this means 'unlimited' for all other bittorrent clients. For Transmission if you want download set to unlimited, then do.
You could also just wipe and restore your system to an earlier time period, suggests 9to5Mac. If you do that, you'll (obviously) want to restore to some point before whenever it is you installed Transmission 2.90—any point before the app's March 4 release date should be fine.
According to Reuters, Apple is already using its Gatekeeper system to prevent new installations of the infected Transmission client, but that isn't very useful for those who have already installed it.
As for how the malware works, Palo Alto Networks' threat intelligence team has a helpful description:
Transmission Bittorrent Mac
'If a user installs the infected apps, an embedded executable file is run on the system. KeRanger then waits for for three days before connecting with command and control (C2) servers over the Tor anonymizer network. The malware then begins encrypting certain types of document and data files on the system. After completing the encryption process, KeRanger demands that victims pay one bitcoin (about $400) to a specific address to retrieve their files. Additionally, KeRanger appears to still be under active development and it seems the malware is also attempting to encrypt Time Machine backup files to prevent victims from recovering their back-up data.'
Transmission Or Bittorrent For Macbook
If you're infected, haven't gone through the steps to clear the malware, and are hit with this demand, we suggest you resist the urge to pay up. There's no way to actually verify that whoever it is you're paying won't just take your money and run. Worse, they might even find a way to exploit your system even more if you leave the malware installed—don't do that.