Ransomware has come to Apple's OSX through a doctored binary for the Transmission bittorrent client (archived). This is reminiscent of a similar failure by Linux Mint to secure their software distribution pipeline, with the only substantial added step in this case being the ~100 United States dollar expense to register a key with Apple to bypass their "Gatekeeper" check for signed code. Once again pseudo security theater fails to provide actual security.