您现在的位置: 纽约时报中英文网 >> 纽约时报中英文版 >> 科技 >> 正文


更新时间:2016-3-9 18:19:54 来源:纽约时报中文网 作者:佚名

Mac ‘Ransomware’ Attack Exposes Vulnerability of Apple Users

For the first time, security experts say, a dangerous form of software called “ransomware” has successfully targeted a Mac operating system, piercing an image of safety that Apple customers had long enjoyed.


The attack, while noteworthy, affected a relatively small number of people and doesn’t mean that typical Mac users should panic, experts say.


The software, when installed on a victim’s computer, denies a user access to files unless a ransom is paid: about $400. It targets files that users would most likely find important: photos, videos, Excel spreadsheets and Word documents.


Two analysts from the California-based security firm Palo Alto Networks, Claud Xiao and Jin Chen, discovered on Friday that the ransomware was infecting downloads of Transmission, a legitimate BitTorrent file-sharing application, they said in a blog post.

上周五,加州资讯安全公司帕洛阿尔托网络(Palo Alto Networks)的两位分析师肖梓航(Claud Xiao)和陈瑾(Jin Chen,音)在该公司的博客发文称,他们发现这个勒索软件感染了用户下载到的Transmission应用程序。Transmission是一个合法的BT文件分享软件。

About 6,500 users had downloaded the infected software over the weekend, a Transmission official told Forbes. That’s a small fraction of overall Mac users; Apple sold 5.31 million Macs in the first quarter of 2016.


Attackers had compromised Transmission’s website, changing its download link to include both the Transmission software and the ransomware, according to Ryan Olson, the threat intelligence director at Palo Alto Networks. The analysts found it about four hours after it was first uploaded, he said.

根据帕洛阿尔托网络的危机情报主任莱恩·欧尔森(Ryan Olson)的说法,黑客入侵了Transmission网站,并更改了该软件的下载链接,使其同时包含了Transmission和勒索软件。欧尔森说,分析师是在病毒首次上传至该网站约4小时后发觉这个状况的。

Such attacks are more common on machines running Windows, which has far more users, and have grown increasingly common in the past six to 12 months, Mr. Olson said. But even though Apple has had a good record of keeping dangerous software off computers, the successful attack could decrease user confidence, he said.


“It’s important to be aware that nothing is 100 percent,” he said in a telephone interview. “And every time we find a new one of these, that’s just another signal that 100 percent is not possible.”


Apple revoked a certificate that allowed the software to be installed on Macs, according to Reuters, and Transmission removed the download link from its website on March 5, Palo Alto Networks said.


The ransomware, named KeRanger, would “sleep” for three days after being downloaded before encrypting the victim’s files, Mr. Olson said.


Such attacks have had destructive effects, largely because they often work. In February, a hospital in Los Angeles paid hackers $17,000 in Bitcoin after its computer system was down for over a week.


Computers running Windows are often infected when users click a malicious link in an email or one hidden in an advertisement. Once their machines are infected, users often have no choice but to meet the hackers’ demands.


Mac users have historically enjoyed more security from malicious applications, Mr. Olson said. “Apple has a lot of gates in the way to prevent that from being successful,” he said.


While Apple and Transmission responded quickly to limit the damage, the episode illustrates the value of backing up important files, Mr. Olson said. The effect of ransomware is much like a laptop falling into the river — the damage can be limited if your important files exist somewhere else, he said.