Claude Xaio and Jim Chen report a type of ransomware that can infect Mac OS transmitted through Bit Torremt, from Palo Alto Networks, in this blog posting. They dub the malware “KeRanger”. The product lies silent for three days after installation and then starts encrypting files.
This seems to be the first ransomware documented on the Mac. Andrea Peterson also reports on it in the Washington Post March 7.
XProtect has been updated to stop the malware, according to Appleinsider. The virus doesn't seem to spread by websites or phishing attacks.
XProtect is apparently automatically part of all Mac OS since 2009, and has led users to believe they do not need other third party anti-virus products (How-to article ).