Just five months after Transmission was infected with the first "ransomware" ever found on the Mac, the popular BitTorrent client is again at the center of newly uncovered OS X malware.
Researchers at security website We Live Security have discovered the malware, called OSX/Keydnap, was spread through a recompiled version of Transmission temporarily distributed through the client's official website.
OSX/Keydnap executes itself in a similar manner as the previous Transmission ransomware KeRanger, by adding a malicious block of code to the main function of the app, according to the researchers. Likewise, they said a legitimate code signing key was used to sign the malicious Transmission app, different from the legitimate Transmission certificate, but still signed by Apple and thereby able to bypass Gatekeeper on OS X.
The researchers said they notified the Transmission team about the malware, and within minutes they removed the malicious file from their web server and launched an investigation. The researchers believe the infected Transmission app was signed on August 28 and distributed only on August 29, and thus recommend anyone who downloaded version 2.92 of the app between those dates to verify if their system is compromised by checking for the presence of any of the following files or directories:
- /Applications/Transmission.app/Contents/Resources/License.rtf
- /Volumes/Transmission/Transmission.app/Contents/Resources/License.rtf
- $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/icloudsyncd
- $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/process.id
- $HOME/Library/LaunchAgents/com.apple.iCloud.sync.daemon.plist
- /Library/Application Support/com.apple.iCloud.sync.daemon/
- $HOME/Library/LaunchAgents/com.geticloud.icloud.photo.plist
Tags: malware, Transmission
89 comments
Apple plans to release a 16-inch MacBook Pro in September, according to Jeff Lin, an analyst at research firm IHS Markit.
MacRumors concept of 16-inch MacBook Pro display
Lin believes the...
Apple plans to refresh its MacBook Air lineup with faster processors in September, according to IHS Markit analyst Jeff Lin's latest Emerging PC Market Tracker report, published Thursday and...
Apple today shared three new ads on its YouTube channel in Australia, highlighting iMessage encryption, App Store privacy, and iPhone recycling, as part of its ongoing "That's iPhone"...
When Apple has to make a difficult decision regarding an app in the App Store, its fate is determined in a meeting of a group called the Executive Review Board or ERB, led by Apple marketing chief...
Apple's upcoming Apple Card credit card is now being tested by both its corporate and retail employees ahead of a planned summer launch, and unsurprisingly, some images of the card have leaked...
Apple in iPadOS introduced some performance improvements between the iPad Pro and the Apple Pencil, cutting latency from 20ms to 9ms with the new software.
Third-party developers who make apps...
Samsung is the exclusive supplier of OLED displays for the iPhone X and newer, as part of a supply agreement with Apple. Due to fewer iPhone sales than anticipated in recent quarters, however, Apple...
AT&T is the fastest mobile network in the United States according to PCMag's latest annual mobile network comparison, which was released this morning.
For the test, PCMag employees drove...
