1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

KeRanger Mac ransomware is a rewrite of Linux Encoder

Discussion in 'Help Net Security' started by RSS, Mar 9, 2016.

  1. RSS

    RSS New Member Member

    KeRanger, the recently discovered first functional Mac ransomware, is a copy of Linux Encoder, the crypto-ransomware first unearthed and analyzed in November 2015 by Dr. Web researchers. “The encryption functions are identical and have same names: encrypt_file, recursive_task, currentTimestamp and createDaemon to only mention a few. The encryption routine is identical to the one employed in Linux.Encoder,” explained Catalin Cosoi, Chief Security Strategist at Bitdefender. Bitdefender researchers have previously found encryption flaws in the first … More →

    Continue reading...

Share This Page