OSX.KeRanger.A malware in 2.90?

[user10_04]

https://threatpost.com/keranger-os-x-ra ... ed/116612/

"John Clay of Transmission told Threatpost that the project has taken measures to secure its webservers as it investigates the compromise, and expects to post an update in the coming days with more information. "

https://twitter.com/claud_xiao/status/7 ... 3989415937

"72 hours after I discovered KeRanger ransomware. Glad to know our works & collaborations effectively protected some Mac users. Keep moving!"

I know a company where security is taken seriously.
They simply run a daily batch, among many others things, who takes fingerprints of all files and compare with a trust list and update it.

It means even if the server is compromise (as it seems be the case here) it cannot be more than 24 hours to fix the thing.

[user10_04]

https://threatpost.com/keranger-os-x-ra ... ed/116612/

"John Clay of Transmission told Threatpost that the project has taken measures to secure its webservers as it investigates the compromise, and expects to post an update in the coming days with more information. "

http://www.reuters.com/article/apple-ra ... NL1N16F17Q

"We're not commenting on the avenue of attack, other than to say that it was our main server that was compromised,"

[phase700b]

I saw this quote in one of the articles linked above. "Clay said that Transmissions Sparkle auto-update mechanism was not compromised, and would have failed to update to the infected binary because the hash was different." I take this to mean that using the update feature within the application was safe? I believe that's the only way I've ever updated Transmission. I've updated and run v2.92 and didn't see any of the files or running processes that would indicate a problem. I'm just hesitant to do any backups until I'm confident everything is ok. Seems like my music and photo libraries are alright. They're too large to check completely. Thanks, Matt.

[popartmedia]

So this is it!!! My wife MAcbook air went down yeasterday - all files encrypted, all settings went shit.... I just can't believe it!!! Yes I downloaded Transmission on that feral friday but how the hell suppsoed I know I have a ticking bomb with it ( If Apple let it in and Trnasmission developers knew it as well why the heck could'nt I recieve some pop up message or something? It is not some kind of small malware it is something that actualle washed away everything from my wifes Macbook. all I can do is format everything. Until now I was pretty sure I am 100% using MAC now I am not... is there any other chance to restore my files? Or AM i just doomed ?

My wife's gonna kill me and I am just prying to god that this not happened to my personal Mac where I have massive amount of new projects I had no time to back up yet... Buying Time capsule rigth away after this episode

[RedNose]

Yes, it's very strange. But for Mac os now familiar to malware (http://macsecurity.net/view/124/). Unfortunately it is today's reality