Tag Archives: Apple

Apple users targeted in first known Mac ransomware campaign

BOSTON (Reuters) – Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday.

Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.

Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft Corp’s Windows operating system.

Palo Alto Threat Intelligence Director Ryan Olson said the “KeRanger” malware, which appeared on Friday, was the first functioning ransomware attacking Apple’s Mac computers.

“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Olson said in a telephone interview.

Hackers infected Macs through a tainted copy of a popular program known as Transmission, which is used to transfer data through the BitTorrent peer-to-peer file sharing network, Palo Alto said on a blog posted on Sunday afternoon.

When users downloaded version 2.90 of Transmission, which was released on Friday, their Macs were infected with the ransomware, the blog said.

An Apple representative said the company had taken steps over the weekend to prevent further infections by revoking a digital certificate that enabled the rogue software to install on Macs. The representative declined to provide other details.

Transmission responded by removing the malicious version of its software from its website. On Sunday it released a version that its website said automatically removes the ransomware from infected Macs.

The website advised Transmission users to immediately install the new update, version 2.92, if they suspected they might be infected.

Palo Alto said on its blog that KeRanger is programmed to stay quiet for three days after infecting a computer, then connect to the attacker’s server and start encrypting files so they cannot be accessed.

After encryption is completed, KeRanger demands a ransom of 1 bitcoin, or about $400, the blog said.

Olson, the Palo Alto threat intelligence director, said that the victims whose machines were compromised but not cleaned up could start losing access to data on Monday, which is three days after the virus was loaded onto Transmission’s site.

Representatives with Transmission could not be reached for comment.

(Editing by Jeffrey Benkoe and Sandra Maler)

U.S. tech companies unite behind Apple ahead of iPhone encryption ruling

(Reuters) – Alphabet Inc’s Google, Facebook Inc, Microsoft Corp and several other Internet and technology companies will file a joint legal brief on Thursday asking a judge to support Apple Inc in its encryption battle with the U.S. government, sources familiar with the companies’ plans said.

The effort is a rare display of unity and support for the iPhone maker from companies which are competitors in many areas, and shows the breadth of Silicon Valley’s opposition to the government’s anti-encryption effort.

The fight between Apple and the government became public last month when the U.S. Federal Bureau of Investigation obtained a court order requiring Apple to write new software and take other measures to disable passcode protection and allow access to an iPhone used by one of the San Bernardino shooters in December.

Apple has pushed back, arguing that such a move would set a dangerous precedent and threaten customer security. The clash has intensified a long-running debate over how much law enforcement and intelligence officials should be able to monitor digital communications.

The group of tech companies plans to file what is known as an amicus brief – a form of comment from outside groups common in complex cases – to the Riverside, California, federal judge Sheri Pym. She will rule on Apple’s appeal of a court order that would force it to create software to unlock the iPhone.

The companies will contest government arguments that the All Writs Act, a broad 1789 law that enables judges to require actions necessary to enforce their own orders, compels Apple to comply with its request.

In their joint brief, the tech companies will say that Congress passed the All Writs Act before the invention of the light bulb, and that it goes too far to contend that the law can be used to force engineers to disable security protections, according to a source familiar with their arguments.

Google, Facebook and others also appear to be tailoring their arguments specifically to a U.S. Supreme Court audience, where the case may end up. The brief will highlight a unanimous 2014 U.S. Supreme Court case which said law enforcement needs warrants to access smartphones snared in an arrest, the source said.

That opinion, penned by Chief Justice John Roberts, united the Supreme Court’s liberal and conservative factions.

Briefs are also expected in support of the government.

Stephen Larson, a former federal judge, told Reuters last week that he is working on a brief with victims of the San Bernardino shooting who want the FBI to be able to access the data on the phone used by Rizwan Farook. “They were targeted by terrorists, and they need to know why, how this could happen,” Larson said.

Several other tech companies are joining Google, Facebook and Microsoft.

Mozilla, maker of the Firefox web browser, said it was participating, along with online planning tool maker Evernote and messaging app firms Snapchat and WhatsApp. Bookmarking and social media site Pinterest and online storage firm Dropbox are also participating.

“We stand against the use of broad authorities to undermine the security of a company’s products,” Dropbox General Counsel Ramsey Homsany said in a statement.

A separate group including Twitter Inc, eBay Inc, LinkedIn Corp and more than a dozen other tech firms filed a brief with the court in support of Apple on Thursday. AT&T Inc filed its own brief.

Networking leader Cisco Systems Inc said it expected to address the court on Apple’s behalf, but did not say whether it was joining with the large group of companies.

Semiconductor maker Intel Corp plans to file a brief of its own in support of Apple, said Chris Young, senior vice president and general manager for Intel Security Group.

“We believe that tech companies need to have the ability to build and design their products as needed, and that means that we can’t have the government mandating how we build and design our products,” Young said in an interview.

The Stanford Law School for Internet and Society filed a separate brief on Thursday morning on behalf of a group of well-known experts on iPhone security and encryption, including Charlie Miller, Dino Dai Zovi, Bruce Schneier and Jonathan Zdziarski.

Privacy advocacy groups the American Civil Liberties Union, Access Now and the Wickr Foundation filed briefs on Wednesday in support of Apple before Thursday’s deadline set by Pym.

Salihin Kondoker, whose wife Anies Kondoker was injured in the San Bernardino attack, also wrote on Apple’s behalf, saying he shared the company’s fear that the software the government wants Apple to create to unlock the phone could be used to break into millions of other phones.

“I believe privacy is important and Apple should stay firm in their decision,” the letter said. “Neither I, nor my wife, want to raise our children in a world where privacy is the tradeoff for security.”

Law enforcement officials have said that Farook and his wife, Tashfeen Malik, were inspired by Islamist militants when they shot and killed 14 people and wounded 22 others last Dec. 2 at a holiday party. Farook and Malik were later killed in a shootout with police and the FBI said it wants to read the data on Farook’s phone to investigate any links with militant groups.

Earlier this week, a Brooklyn judge ruled that the government had overstepped its authority by seeking similar assistance from Apple in a drug case.

(Reporting by Jim Finkle in Boston and Dustin Volz in San Francisco; Additional reporting by Dan Levine, Heather Somerville, Sarah McBride, Julia Love in San Francisco; Editing by Jonathan Weber, Grant McCool and Bill Rigby)

Apple lawyer, FBI director face off in Congress on iPhone encryption

By Julia Harte and Julia Edwards

WASHINGTON (Reuters) – FBI Director James Comey told a congressional panel on Tuesday that a final court ruling forcing Apple Inc <AAPL.O> to give the FBI data from an iPhone used by one of the San Bernardino shooters would be “potentially precedential” in other cases where the agency might request similar cooperation from technology companies.

The remarks were a slight change to Comey’s statement last week that ordering Apple to unlock the phone was “unlikely to be a trailblazer” for setting a precedent for other cases.

Tuesday’s testimony from Comey and remarks before the same U.S. House Judiciary Committee by Apple’s general counsel, Bruce Sewell, brought to Congress a public fight between Apple and the government over the dueling interests of privacy and security that has so far only been heard in the courts.

On Feb. 16, a federal court in California instructed Apple to write special software to unlock the iPhone 5c used by gunman Rizwan Farook, an order the company is contesting.

Sewell and Comey’s remarks also clarified some areas where the two sides fundamentally disagree. Comey said the tool created for Farook’s iPhone would not work on other models. But Sewell said the tool that Apple was being asked to create would work on any iPhone.

“This is not about the San Bernardino case. This is about the safety and security of every iPhone that is in use today,” Sewell said.

Committee members seized on Comey’s statement that the case could set a legal precedent allowing the agency access to any encrypted device.

“Given… that Congress has explicitly denied you that authority so far, can you appreciate our frustration that this case appears to be little more than an end run around this committee?” asked the panel’s ranking minority member, Michigan Representative John Conyers.

Comey responded that the Federal Bureau of Investigation was not asking to expand the government’s surveillance authority, but rather to maintain its ability to obtain electronic information under legal authorities that Congress has already provided.

He also acknowledged that it was a “mistake” for the FBI to have asked San Bernardino County officials to reset the phone’s cloud storage account after it was seized. The decision prevented the device, which was owned by the county, Farook’s employer, from backing up information that the FBI could have read.

Farook and his wife, Tashfeen Malik, shot and killed 14 people and wounded 22 others last Dec. 2 before they were themselves killed in a shootout with police. The government has said the attack was inspired by Islamist militants and the FBI wants to read the phone’s data to investigate any links with militant groups.

Comey told a congressional panel last Thursday that the phone could have “locator services” that would help the agency fill in a gap in its knowledge of the route the couple traveled as they fled.

“We’re missing 19 minutes before they were finally killed by law enforcement,” Comey said. “The answer to that might be on the device.”

A federal judge handed Apple a victory in another phone unlocking case in Brooklyn on Monday, ruling that he did not have the legal authority to order Apple to disable the security of an iPhone that was seized during a drug investigation.

U.S. Attorney General Loretta Lynch said on Tuesday at the RSA Cybersecurity conference in San Francisco that she was “disappointed” by the Brooklyn ruling, and rebuffed Apple’s claim that its Fifth Amendment protection against self-incrimination was being violated.

The Justice Department is “not alleging that [Apple has] done anything wrong,” Lynch said, but is treating the company as a third party holding data valuable to an ongoing investigation. Manhattan District Attorney Cyrus Vance testified in support of the FBI on Tuesday, arguing that default device encryption “severely harms” criminal prosecutions at the state level, including in cases in his district involving at least 175 iPhones.

(Reporting by Julia Edwards and Julia Harte; Editing by Bill Rigby and Grant McCool)

Apple calls FBI iPhone request ‘unprecedented’ in court filing

(Reuters) – Apple Inc on Thursday struck back in court against a U.S. government request to unlock an encrypted iPhone belonging to one of the San Bernardino shooters, arguing such a move would violate its free speech rights and require the company to devote significant resources to comply.

The U.S. Federal Bureau of Investigation is seeking Apple’s help to access shooter Rizwan Farook’s iPhone by disabling some of its passcode protections.

Apple argued in its brief that software was a form of protected speech, and thus the Justice Department’s demand violated the constitution.

“The government’s request here creates an unprecedented burden on Apple and violates Apple’s First Amendment rights against compelled speech,” it said.

Apple also argued that the court was over-stepping its jurisdiction, noting that Congress had rejected legislation that would have required companies to do the things the government is asking Apple to do in this case.

Apple said the court order, if upheld, could leave individuals and business vulnerable to an unlimited array of government directives.

“Under the same legal theories advocated by the government here, the government could argue that it should be permitted to force citizens to do all manner of things ‘necessary’ to assist it in enforcing the laws,” Apple said. It gave examples, “like compelling a pharmaceutical company against its will to produce drugs needed to carry out a lethal injection in furtherance of a lawfully issued death warrant or requiring a journalist to plant a false story in order to help lure out a fugitive.”

Apple’s resistance has intensified a national debate about whether the government should have technological access, or a “back door” to get into privately owned phones. The Justice Department has argued that Apple has no legal basis to refuse its help.

Some of the largest tech companies appear to be lining up behind Apple. Google and Facebook will both file briefs supporting the iPhone maker, said several sources familiar with the matter who were not authorized to speak publicly about it. Microsoft will file a friend-of the-court brief as well, company President Brad Smith said in congressional testimony Thursday. Twitter also said it will sign a brief in support of Apple.

Apple laid out in its brief the resources it believes would be necessary to comply with the government’s request, saying it would likely require a team of up to 10 Apple engineers and employees for as long as four weeks.

Complying with the request would also likely lead to “hundreds” of more demands from law enforcement, Apple said.

“Responding to these demands would effectively require Apple to create full-time positions in a new ‘hacking’ department to service government requests,” the company said in the filing.

“Apple would need to hire people whose sole function would be to assist with processing and effectuating such orders,” wrote Lisa Olle, an Apple lawyer and manager of privacy and law enforcement compliance. “These people would have no other necessary business or operations function at Apple” and would be charged with crafting what Apple referred to as “GovtOS.”

Government officials have rejected that characterization and earlier on Thursday, FBI Director James Comey told a congressional panel that court approval of the FBI’s request was “unlikely to be a trailblazer” in other cases.

While the case “will be instructive for other courts,” larger policy questions about reasonable law enforcement access to encrypted data will likely need to be resolved by Congress and others, Comey said.

Shares of Apple were barely changed and closed up less than 1 percent at $96.76.

Apple also raised the specter of courts ordering it to help in other cases in other ways, such as writing computer code that would turn on an iPhone microphone to help surveillance.

The company also criticized the Justice Department for publicizing the order, which would normally have been filed under seal.

“This is the only case in counsel’s memory in which an FBI Director has blogged in real-time about pending litigation, suggesting that the government does not believe the data on the phone will yield critical evidence about other suspects,” the company said.

Apple CEO Tim Cook said in an interview on Wednesday with ABC News that the company was prepared to take the case to the Supreme Court if necessary.

(Reporting by Dan Levine, Joseph Menn and Julia Love in San Francisco and Dustin Volz in Washington; Editing by Jonathan Weber, Bill Rigby and Richard Chang)

U.S. ramps up Apple fight with new filing in iPhone unlocking case

WASHINGTON/LOS ANGELES (Reuters) – The U.S. Department of Justice filed a motion seeking to compel Apple Inc to comply with a judge’s order for the company to unlock the encrypted iPhone belonging to one of the San Bernardino shooters, portraying the tech giant’s refusal as a “marketing strategy.”

The filing escalated a showdown between the Obama administration and Silicon Valley over security and privacy that ignited earlier this week.

The Federal Bureau of Investigation is seeking the tech giant’s help to access the shooter’s phone by disabling some of its passcode protections. The company so far has pushed back, and on Thursday won three extra days to respond to the order.

Apple did not immediately respond to a request for comment.

The motion to compel Apple to comply did not carry specific penalties for the company, and the Justice Department declined to comment on what recourse it was willing to seek. In the order, prosecutors acknowledged that the filing “is not legally necessary.”

But the Justice Department said the motion was in response to Apple CEO Tim Cook’s public statement Wednesday, which included a refusal to “hack our own users and undermine decades of security advancements that protect our customers.”

The clash between Apple and the Justice Department has driven straight to the heart of a long-running debate over how much law enforcement and intelligence officials should be able to monitor digital communications.

A federal court hearing in California has been scheduled for March 22 in the case, according to Thom Mrozek, a spokesman for the U.S. Attorney’s Office for the Central District of California.

“Rather than assist the effort to fully investigate a deadly terrorist attack … Apple has responded by publicly repudiating that order,” prosecutors wrote in the Friday order.

“Apple’s current refusal to comply with the court’s order, despite the technical feasibility of doing so, instead appears to be based on its concern for its business model and public brand marketing strategy,” prosecutors said.

The two sides have been on a collision course since Apple and Google began offering default end-to-end encryption on their devices in 2014, a move prompted in part by the surveillance revelations from former National Security Agency contractor Edward Snowden.

But the Justice Department struggled to find a compelling case where encryption proved to be an insurmountable hurdle for its investigators until the Dec. 2 shooting rampage by Rizwan Farook and his wife in San Bernardino, California, which killed 14. Authorities believe the couple was inspired by the Islamic State.

Some technology experts and privacy advocates backing Apple suggest Farook’s work phone likely contains little data of value. They have accused the Justice Department of choreographing the case to achieve a broader goal of gaining support for legislation or a legal precedent that would force companies to crack their encryption for investigators.

The case has quickly become a topic in the U.S. presidential race. Republican frontrunner Donald Trump on Friday called for a “boycott” against Apple until the company complied with the court order.

(Reporting by Julia Edwards, Dustin Volz and Lisa Richwine; Additional reporting by David Ingram; Editing by Andrew Hay and Bill Rigby)