From what I've read it only seems to affect people that downloaded Transmission via the website and not those who used the in app updater. [1]<p>I've updated to 2.90 the day it came out and don't seem to have the process running.<p>[1] <a href="http://www.macrumors.com/2016/03/06/mac-ransomware-transmission/" rel="nofollow">http://www.macrumors.com/2016/03/06/mac-ransomware-transmiss...</a>
From the article: To check whether you have the malware installed:<p>Using “Activity Monitor” preinstalled in OS X, check whether any process named “kernel_service” is running. If so, double check the process, choose the “Open Files and Ports” and check whether there is a file name like “/Users//Library/kernel_service”. If so, the process is KeRanger’s main process. We suggest terminating it with “Quit -> Force Quit”
See <a href="https://news.ycombinator.com/item?id=11234589" rel="nofollow">https://news.ycombinator.com/item?id=11234589</a>
It's actually kind of surprising this is the first occurrence of ransomware on Apple's platform. It seems Macs are still, at least to some degree, protected by security through obscurity.
Came expecting a pun regarding old files / applications that failed to work after a forced system OS upgrade.<p>Was disappointed.<p>Not that Apple is distinctly notable for ransoming your one-time files and applications; on the contrary I've heard more often about people having issues when their Windows / Other OS reaches the end of its support.<p>edit: It was sarcasm and I know your downvote policies, etc, etc. I just know you guys sometimes roll with the funny punnies, and I was seeing if I had what it took this once. Maybe next time I'll nail a good one though, with a little more creativity and a little more funny to it. Contentless statements can exist here, and I want to learn to make them.