http://9to5mac.com/2016/03/06/first...ciously-encrypt-hard-drives-on-infected-macs/ In can encourage every Mac user to look at these free tools: https://objective-see.com/products.html
Well all apps with a valid dev certificate are allowed to run through Gatekeeper, which in this the certificate from Transmission seems to have been misused in some way. And also if you download an app no matter what youll get prompted that the file was downloaded online and if you really want to run it. BUT in this case i guess (I dont use Transmission) the in program updater may have been used and in that case nop security features of OSX seem to catch this malware that has been downloaded together with the app update.
That could be the case, although I remember seeing a thread here that showed how easy it is to spoof Apple's certificate check. Yeah, that is the problem with not using repositories (Windows and Mac), because regular users will run the files anyway hehehhehe
But i can tell that Apple hired some good people like the developer of Edward Snowdens most used Chat app and some of the devs of the Thunderstrike Malware/Exploit as well to beef up OSXes security alot i hope
Its nice to see that both Apple as well as Transmissions staff reacted so fast to not let this escalate to a much bigger scale. But we will see much more like this really soon.
Heres an analysis from Symantec: http://www.symantec.com/security_response/writeup.jsp?docid=2016-030705-4930-99&tabid=2
According to Reuters 6,500 people downloaded the ransomware. http://www.reuters.com/article/apple-ransomware-idUSKCN0W9259?type=companyNews
There is the Mac App Store, but you don't have to use it. You can also download apps with your browser.
