In early May, a mirror download server hosting popular Mac transcoder app HandBrake was hacked, and the legitimate version of HandBrake was replaced with a version infected with OSX.PROTON, a remote access trojan giving hackers root-access privileges to a Mac.

In a blog post shared today, Panic Inc. developer and co-founder Steven Frank said he downloaded the infected version of HandBrake, which led to the theft of much of the source code behind Panic's apps. Panic offers several apps, including web editor Coda, FTP app Transmit, SSH client Prompt, and Firewatch, an adventure game.

panicapps
Hackers accessed Frank's computer through the infected HandBrake software and were able to obtain his usernames and passwords, including git credentials. Several source code repositories were cloned by the attackers, who have demanded "a large bitcoin ransom" to stop the release of the source code, a ransom Panic does not intend to pay.

While Panic's source code has been stolen, the company says that a careful review of its logs indicates that the theft was the extent of the damage - the hacker did not access customer information or Panic Sync Data.

- There's no indication any customer information was obtained by the attacker.
- Furthermore, there's no indication Panic Sync data was accessed.
- Finally, our web server was not compromised.

(As a reminder, we never store credit card numbers since we process them with Stripe, and all Panic Sync data is encrypted in such a way that even we can't see it.)

According to Panic, the source code for the apps could potentially be used by hackers to create malware-infected builds of the company's apps, so users should be vigilant and download Panic apps only from the company's website or the Mac App Store.

Panic has been in contact with both the FBI and Apple. Apple's security team is "standing by to quickly shut down any stolen/malware-infested versions" of Panic apps that are discovered, while the FBI is actively investigating the attack.

Panic is asking customers to notify the company of any unofficial or cracked versions of Panic apps that are discovered in the wild, as any such content is likely infected with malware.

Top Rated Comments

mw360 Avatar
83 months ago
Probably an idea to just give it away now. If it's free from their site it won't be downloaded elsewhere.
Any excuse for some freebies...
Score: 16 Votes (Like | Disagree)
canadianreader Avatar
83 months ago
I really like Panic apps I bought both Coda and Transmit my only regret is when they pulled out Coda from the AppStore and made it only available thru their website. Maybe be it's time to put it back on the app store
Anyway they don't deserve this and they have my empathy and compassion for what they're going thru.
Score: 11 Votes (Like | Disagree)
roland.g Avatar
83 months ago
Not that I wish anything bad on anyone but am I the only one wondering why he was downloading a utility like Handbrake onto a machine with the company source code. Seems like that was not the wisest move.
Score: 9 Votes (Like | Disagree)
MichaelQ Avatar
83 months ago
If apps like Handbrake were allowed in the App Store this wouldn't have been a problem in the first place.
Score: 7 Votes (Like | Disagree)
noah82 Avatar
83 months ago
Yikes. Maybe it's time to.......Panic!!
Score: 6 Votes (Like | Disagree)
zorinlynx Avatar
83 months ago
There are many great applications out there that cannot be added to the app store due to Apple restrictions.

In many cases it would not be possible to modify these applications accordingly.
Yeah, that's the biggest problem, and it's why the Mac App Store hasn't caught on more than it has. Apple requires all MAS apps to enable sandboxing, which greatly limits what a Mac application can do, among other issues.

Apple never should have applied the same policy to Mac App Store apps as they did to the iOS App Store. Macs are full-fledged general purpose computers with a different usage scenario than iOS devices; treating them both the same for app policy is short-sighted.

I remember when there were a far greater variety of apps in the Mac App Store, then Apple tightened the policies and a bunch of app developers jumped ship, distributing directly instead. It's a shame because the store was a good idea, just poorly executed.
Score: 6 Votes (Like | Disagree)

Popular Stories

iOS 17

Apple Releases iOS 17.0.2 and iPadOS 17.0.2 for All iPhones and iPads

Tuesday September 26, 2023 12:47 pm PDT by
Apple today released iOS 17.0.2 and iPadOS 17.0.2 updates, with the software coming five days after the releases of iOS 17.0.1 and iPadOS 17.0.1. Today's iOS 17.0.2 and iPadOS 17.0.2 updates arrive as build 21A351 and can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. Note that iOS 17.0.2 was previously made available for iPhone...
Apple WWDC23 macOS Sonoma hero

macOS Sonoma Launching This Week With These New Features

Sunday September 24, 2023 12:45 pm PDT by
Apple previously announced that macOS Sonoma will be released this Tuesday, September 26. The free software update includes many new features and changes for the Mac, including the five that we have highlighted below. In addition to these five features, we have shared the full release notes for macOS Sonoma below for a complete overview of everything new. Desktop Widgets macOS Sonoma...
iPhone 15 Pro Lineup Feature

Kuo: iPhone 15 Pro Overheating Issues Likely Due to Thermal Compromises, Not 3nm Node

Tuesday September 26, 2023 9:12 am PDT by
Complaints about heat issues with the iPhone 15 Pro models are not related to TSMC's 3-nanometer node that was used for the A17 Pro chip, according to well-respected Apple analyst Ming-Chi Kuo. Kuo says that overheating could be caused by "compromises made in the thermal system design" that allowed Apple to cut down on the weight of the iPhone 15 Pro models. Kuo says that the reduced heat...
iPhone 16 Side Feature

iPhone 16 to Include an Additional Capacitive 'Capture' Button

Monday September 25, 2023 12:50 pm PDT by
The iPhone 16 series is expected to gain an additional capacitive button, known internally as the "Capture Button." Codenamed "Project Nova," the button is likely to be one of the main selling points of the iPhone 16 lineup, assuming it gets past the initial testing phase. The Capture Button is located on the same side as the Power button, only positioned slightly lower - where the mmWave cutout...
ipad mini blue

Apple to Launch iPad Mini 7 Later This Year, Industry Report Suggests

Monday September 25, 2023 3:16 am PDT by
Apple could be preparing to release a seventh-generation iPad mini before the end of the year, based on a new report by DigiTimes. In an article discussing stagnating global tablet demand in the second half of 2023, the Taiwan-based outlet forecasts an uptick in Apple's share of the market owing to orders for a "small-size" iPad in the fourth quarter. From the report (see bold): In the...
macos sonoma 4

Apple Releases macOS Sonoma With New Widget Features, Safari Updates, Screen Sharing Improvements and More

Tuesday September 26, 2023 10:01 am PDT by
Apple today released macOS 14 Sonoma, the newest version of the operating system that runs on the Mac. macOS Sonoma has been in beta testing for several months, and it is compatible with the 2019 and later iMac, the iMac Pro, the 2018 and later Mac mini, the 2018 and later MacBook Pro, the 2019 and later Mac Pro, and the Mac Studio. The ‌macOS Sonoma update can be downloaded for free on...