Macs the safer choice? Popular BitTorrent Client Transmission Gets Infected With Malware AGAIN - HotUKDeals
We use cookie files to improve site functionality and personalisation. By continuing to use HotUKDeals, you accept our cookie and privacy policy.
Get the HotUKDeals app free at Google Play

Search Error

An error occurred when searching, please try again!

Login / Sign UpSubmit

Macs the safer choice? Popular BitTorrent Client Transmission Gets Infected With Malware AGAIN

£0.00 @ choice
Second time this has happened now, and I know those who use a Mac and BitTorrent, tend to use Transmission as their client. The malware, dubbed OSX/Keydnap, is pretty nasty. It’s designed to steal … Read More
msmyth Avatar
[mod] 10m, 3w agoPosted 10 months, 3 weeks ago
Second time this has happened now, and I know those who use a Mac and BitTorrent, tend to use Transmission as their client.

The malware, dubbed OSX/Keydnap, is pretty nasty. It’s designed to steal the contents of the OS X system keychain and maintain a permanent backdoor. And for a few hours, that malware found its way into the popular Mac BitTorrent client, Transmission.

The good news is that “within minutes” of being notified that a rogue version of Transmission was discovered, the Transmission team removed the file from its web server. The bad news is that it’s unclear how long the rogue version of Transmission was available or how many people could have downloaded the file.

Is your Mac infected? Check using the details in the first post.
Other Links From choice:
msmyth Avatar
[mod] 10m, 3w agoPosted 10 months, 3 weeks ago
Options

All Comments

(2) Jump to unreadPost a comment
Comments/page:
[mod]#1
The malware-infected version of Transmission has a digital signature of Aug. 28, so ESET is advising anyone who downloaded Transmission 2.92 between Aug. 28-29 that their systems might be compromised.

Good news is this didn't fall into update chains, and Transmission hasn't had an update in quite a while, so this may only affect you if you downloaded it within the above timeframe. However, If you think you might be affected, check for the existence of any of these files or directories:

/Applications/Transmission.app/Contents/Resources/License.rtf

/Volumes/Transmission/Transmission.app/Contents/Resources/License.rtf

$HOME/Library/Application Support/com.apple.iCloud.sync.daemon/icloudsyncd

$HOME/Library/Application Support/com.apple.iCloud.sync.daemon/process.id

$HOME/Library/LaunchAgents/com.apple.iCloud.sync.daemon.plist

/Library/Application Support/com.apple.iCloud.sync.daemon/

$HOME/Library/LaunchAgents/com.geticloud.icloud.photo.plist

If you see this stuff, ESET says it means that the malicious version of Transmission was executed and that “Keydnap is most likely running.”

If you’ve got OSX/Keydnap running on your system, you can remove it by either running a virus scan from a trusted antivirus app like Norton AntiVirus or ESET CyberSecurity. There is also a gist on GitHub that you can run via OS X’s terminal to delete the malware.


Edited By: msmyth on Aug 31, 2016 14:28: .
#2
Thanks for posting this :)

Post a Comment

You don't need an account to leave a comment. Just enter your email address. We'll keep it private.

...OR log in with your social account

...OR comment using your social account

Thanks for your comment! Keep it up!
We just need to have a quick look and it will be live soon.
The community is happy to hear your opinion! Keep contributing!