How to Protect Your Mac from Ransomware Attacks

How to Protect Your Mac from Ransomware Attacks

In the aftermath of recent Mac ransomware threat, more and more users start thinking about further steps to protect themselves against possible attacks.

On March 4, Palo Alto Networks reported about first Apple ransomware (called KeRanger) that was detected on Macs with installed Transmission BitTorrent. Mac users were forced to pay 1 Bitcoin in exchange for their data. In spite of the massive hype, Apple promptly resolved the issue by updating XProtect and withdrawing Transmission BitTorrent's developer certificate, so that no one could install the dangerous app.

Although this case is no longer a real threat, ransomware is becoming a regular money-making scheme employed by cybercriminals. There are no sure-fire ways to stay away from attacks, though we strongly recommend following MacKeeper data protection tips.

First of all, regularly back up your most important files.

According to the "3-2-1" rule, all relevant information should be stored in 3 sources; data should be kept at least on 2 different sources (e.g. cloud + USB flash drive, flash drive + DVD-ROM, etc); and 1 copy should be located in the remote place. With MacKeeper Backup feature you can either set up automatic backups or schedule the next session. Use a flash drive to make weekly backups of more important files and always disconnect from the computer after the backup is made. We also suggest switching the data access settings to read/write permissions, so that the files cannot be modified or erased.

Be careful with all attachments.

Malware is often disguised as non-malicious files that can get on your computer in the attachment. Do not open any emails from unknown senders. Oftentimes phishing emails may look like notifications from an official institution or delivery service.

Turn off the Internet if you suspect any unwanted activity.

Switching off your machine and disconnecting it from the Internet can be efficient, especially at early stages of attack. Moreover, you should turn off unused wireless connections, such as Bluetooth, that can also be exploited for compromising your computer.

After the computer is isolated, the ransomware will not be able to connect with Command and Control server and thus will fail to finish the encryption process.

Scan compressed or archived files.

If this specific feature is available in your antivirus software, it's time to use it. With MacKeeper Internet Security tool you can scan the archived files without unzipping them first.

Set unique passwords for different accounts to reduce the potential risk.

If your computer is already infected, all you can do is turn off the machine, disconnect it from the network, and alert law enforcement. Unfortunately, there are no known ways to get back your data unless you have a backup. With latest advanced cryptography, recovering files is impossible without the key to decrypt them. Therefore, we recommend getting back to your backup plan as currently it is the only possible solution to ransomware threat.