First Mac Ransomware Found in the Wild

Party’s over, Mac users!

The first Mac ransomware application has been found in the wild.

“Ransomware” is a pernicious category of malware which has bedeviled users of Microsoft Windows for years. Ransomware locks users out of their documents, then demands a ransom in exchange for the unlock key. Without this key, there is literally no way to ever access your documents again.

In this case, the criminals are demanding approximately $400 for the unlock key.

This new Mac ransomware was delivered through an infected copy of Transmission, the popular, open-source BitTorrent application. Although Transmission is traditionally used to download illegal software and media, some of MacCentric’s clients do use it for legitimate business purposes.

Apple’s built-in Mac OS X antivirus mechanism did not detect the infected files at first. Apple has since updated its built-in antivirus to detect the threat and warn the user. However, tech-savvy users can easily bypass that warning with a few mouse clicks.

We’ve already completed a fleet scan for MacCentric Solutions clients who use our antivirus and fleet-management service offerings (if you’re not one of them, drop us a line). We are notifying clients whose computers might be affected.

See below for our recommendations on how to protect your company’s devices!

3 Ways To Protect Against Ransomware

Ransomware is a challenging cybersecurity threat because traditional antivirus applications have not always been successful in detecting and defeating it. The challenge is especially acute on the Mac platform because most smaller Mac-centric businesses allow their employees to install any applications they want on company-owned computers.

In response to these challenges, over the years MacCentric Solutions has developed a multi-pronged approach, as part of our managed Startup In a Box service, to protect against the potentially crippling and expensive effects of a ransomware infection.

Our approach aims to defeat ransomware at different stages of its lifecycle:

1. We stop malware before it arrives. We use a suite of different tools — traditional antivirus applications, network-perimeter scanners, web content filtering, data aggregation of web usage trends, and more — to identify suspected attacks and prevent users from downloading or installing malicious payloads.
2. If a bad actor does manage to get their malware installed on your computers, our toolset can prevent them from taking control by blocking the ransomware’s attempts to phone home (“We got one!”) to its control servers, from which the ransom process is initiated.
3. Finally, if ransomware does successfully encrypt a computer, all is not lost if you’re utilizing our offsite backup service to keep safe copies of your data.

Another way to protect your fleet against infection is to revoke administrative access from your users. This can be culturally tricky and also can have technical implications, so ask us before choosing this route!

Apple’s Time Machine Backups Possibly Compromised

Apple’s built-in Time Machine backup may not be sufficient backup protection against this particular threat! The security researchers who discovered this new malware think that it also attempts to encrypt Time Machine backup files to prevent victims from recovering their backup data. You need a third-party offsite backup service to fully protect against this threat.

What Should You Do Next?

If your company subscribes to our managed Startup In a Box service, we’ve already scanned your fleet and are notifying clients who might want to take additional preventative action.

If you’re not a subscriber, now’s the time to do something! Start by installing offsite backup software on your entire fleet. Then consider a multi-pronged protection strategy to defeat malware at numerous points in its lifecycle. Or, ask us to do all of this for ya. :-)

Need help determining what to do next? Drop us a line and we’ll give you our recommendations!

Until next time, remember:

There are only two kinds of people: Those who have lost important data, and those who are going to lose important data.

eBay Got Hacked. Change Your Password!

The subject line says it all: Change your eBay password. And reconsider whether you really need that porcelain canary whistle.

Our latest security breach comes courtesy of those great folks over at eBay, whose corporate servers were infiltrated by super-stealthy hackers sometime back in February or March. By “super-stealthy,” we mean that the attackers had employee login credentials, which we can only deduce is because eBay must not have a strict “No Candy for Passwords” policy in place for their employees.


Securely Erasing an External Hard Drive

Like many computer users, you may have some old, external hard drives lying around collecting dust. Perhaps you used to store music on them, or maybe they’re old backup drives that are now too small to be useful. Whatever the reason, you’d like to dispose of them ecologically. (See below for some e-waste recycling options.)

But before you hand them over to the recycling center, or even if you throw them in the garbage, you should ensure that your data is GONE from them platters. The standard Empty Trash feature is not good enough — trashed files can be easily recovered by someone with enough know-how and moxie.

This week, we’ll show you how to format those drives so that your personal data has been removed. Go ahead and grab one of those old drives and follow the steps below.

Advanced Mac Search Using Spotlight

In our last newsletter we explored the fundamentals of searching for virtually anything using Spotlight on your Mac. This week we delve further into advanced search features that even huge Mac geeks often don’t know about! Once you master these, the paperless office will be within your grasp.

Find Any File With As Few As 3 Keystrokes & Siri-Like Dictation on Your Mac!

Find Any File With As Few As 3 Keystrokes

Gone are the days when files had to be meticulously organized in folders. You can search for anything on your computer, regardless of its location — even for words within documents. Just use your Mac’s Spotlight application.

In this week’s newsletter, we’ll do a basic Spotlight overview, and in a future newsletter we’ll give you some advanced tips.

Saving Time with Finder’s Favorites

Marla, from the law office of Valdez Todd & Doyle LLP, asks:

“When saving in Finder, is there a way to set your default when you are moving things to a folder so you don’t have to click through each folder to get to your destination?”

Marla, this is one of the most common productivity frustrations.