• Home
  • Apps
  • Mac
  • News
  • Mac OS X BitTorrent Client Transmission Gets Hit Again With Malware

Mac OS X BitTorrent Client Transmission Gets Hit Again With Malware

Mac OS X BitTorrent Client Transmission Gets Hit Again With Malware

A short five months ago, popular Mac BitTorrent client Transmission was discovered to be a carrier for the first “ransomware” malware discovered on the Mac. Now, researchers at security website We Live Security have discovered another strain of malware, called OSX/Keydnap, which was spread temporarily via a recompiled version of the Transmission app, was temporarily available via the app’s official website.

Mac OS X BitTorrent Client Transmission Gets Hit Again With Malware

MacRumors:

OSX/Keydnap executes itself in a similar manner as the previous Transmission ransomware KeRanger, by adding a malicious block of code to the main function of the app, according to the researchers. Likewise, they said a legitimate code signing key was used to sign the malicious Transmission app, different from the legitimate Transmission certificate, but still signed by Apple and thereby able to bypass Gatekeeper on OS X.

The researchers say upon discovering the new malware, they notified the Transmission team, who immediately removed the malicious version from their web server, and launched an investigation. It is believed the infected version of Transmission was signed on August 28 and distributed only on August 29. It is recommended that anyone who downloaded version 2.92 of the app between those dates should verify whether their system has been compromised.

Check for the presence of any of the following files or directories:

  • /Applications/Transmission.app/Contents/Resources/License.rtf
  • /Volumes/Transmission/Transmission.app/Contents/Resources/License.rtf
  • $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/icloudsyncd
  • $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/process.id
  • $HOME/Library/LaunchAgents/com.apple.iCloud.sync.daemon.plist
  • /Library/Application Support/com.apple.iCloud.sync.daemon/
  • $HOME/Library/LaunchAgents/com.geticloud.icloud.photo.plist

MacTrast will keep you posted on any further developments.

Related

  1. Delta Updates iPad App – Allows Video Streaming During Flights
  2. Apple Finally Patches App Store Vulnerabilities
  3. Apple Plans to Repurpose Mesa Sapphire Plant – Will Work to Preserve Jobs
  4. MacTrast Deals: Keyboard Maestro – Empower Your Workflow
  5. Ticker for the Apple TV – Your Personal News Channel
  6. Report: Apple & Carriers Already Testing A 4G LTE Capable iPhone
Apple Giveaways

iPhone X Giveaway

$999

Enter

MacBook Pro Giveaway

$1499.00

Enter

10.5″ iPad Pro Giveaway

$649.00

Enter

iPhone 8 Plus Giveaway

$800.00

Enter
Share