BitTorrent app was linked to Mac ransomware

BitTorrent app was linked to the first known instance of Mac ransomware, security researchers at ESET have pinpointed another form of malware taking advantage of Transmission to infect Mac users. Keydnap, as it's called, takes advantage of a modified version of Transmission (planted on the developer's site without its knowledge) to attack your computer. It's similar to the ransomware's approach in more ways than just its choice of host app -- it even uses a signing key to trick Apple's Gatekeeper safeguard into letting it through.

The malware's effect may be limited. Transmission only had the affected version available for about a day before they pulled it, and ESET has already told Apple about Keydnap about the relevant key. It's just a matter of blocking that key to prevent the malware from running. Nonetheless, this is a reminder that even stringent system-level protections won't always catch rogue code.

Literally minutes after being notified by ESET, the Transmission team removed the malicious file from their web server and launched an investigation to identify how this happened. At the time of writing, it was impossible to tell exactly when the malicious file was made available for download. According to the signature, the application bundle was signed on August 28th, 2016, but it seems to have been distributed only the next day. Thus, we advise anyone who downloaded Transmission v2.92 between August 28th and August 29th, 2016, inclusively, to verify if their system is compromised by testing the presence of any of the following file or directory:

  • /Applications/
  • /Volumes/Transmission/
  • $HOME/Library/Application Support/
  • $HOME/Library/Application Support/
  • $HOME/Library/LaunchAgents/
  • /Library/Application Support/
  • $HOME/Library/LaunchAgents/

Source: ESET

The owner of will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.Report any Broken Download linkon Blogmytuts Facebook Page. IF YOU WANT TO BORROW MY CONTENT PLEASE CONTACT US..
Share on Google Plus

About Jaime Lacson

A Freelance Computer Tech with knowledge about computer, router and mobile phones, especially in Upgrade and Downgrade OS, Software and Hardware troubleshooting. follow me at Google+
    Blogger Comment
    Facebook Comment