article posted on Sunday afternoon.
When users downloaded version 2.90 of Transmission, which was released on Friday, their Macs were infected with the ransomware, the blog said.
Apple had taken steps over the weekend to prevent further infections by revoking a digital certificate that enabled the rogue software to install on Macs. Other details were not provided yet.
Transmission, also, responded by removing the malicious version of its software from its website. On Sunday it released a version that its website said automatically removes the ransomware from infected Macs. Transmission users were advised to immediately install the new update, version 2.92, if they suspected they might be infected.
Palo Alto said on its blog that KeRanger is programmed to stay quiet for three days after infecting a computer, then connect to the attacker’s server and start encrypting files so they cannot be accessed.
Once the encryption complete, KeRanger demands a ransom of 1 bitcoin, or about $400, the blog said.
Olson also mentioned that the victims whose machines were compromised but not cleaned up could start losing access to data on Monday, which is three days after the virus was loaded onto Transmission’s site.
Our Free Antivirus for Mac is able to detect the new KeRanger ransomware on Apple computers. If you are already seeking for solutions to protect your Mac against ransomware attacks, we strongly recommend you to install our antivirus: http://www.avira.com/en/free-antivirus-mac