In early May, a mirror download server hosting popular Mac transcoder app HandBrake was hacked, and the legitimate version of HandBrake was replaced with a version infected with OSX.PROTON, a remote access trojan giving hackers root-access privileges to a Mac.

In a blog post shared today, Panic Inc. developer and co-founder Steven Frank said he downloaded the infected version of HandBrake, which led to the theft of much of the source code behind Panic's apps. Panic offers several apps, including web editor Coda, FTP app Transmit, SSH client Prompt, and Firewatch, an adventure game.

panicapps
Hackers accessed Frank's computer through the infected HandBrake software and were able to obtain his usernames and passwords, including git credentials. Several source code repositories were cloned by the attackers, who have demanded "a large bitcoin ransom" to stop the release of the source code, a ransom Panic does not intend to pay.

While Panic's source code has been stolen, the company says that a careful review of its logs indicates that the theft was the extent of the damage - the hacker did not access customer information or Panic Sync Data.

- There's no indication any customer information was obtained by the attacker.
- Furthermore, there's no indication Panic Sync data was accessed.
- Finally, our web server was not compromised.

(As a reminder, we never store credit card numbers since we process them with Stripe, and all Panic Sync data is encrypted in such a way that even we can't see it.)

According to Panic, the source code for the apps could potentially be used by hackers to create malware-infected builds of the company's apps, so users should be vigilant and download Panic apps only from the company's website or the Mac App Store.

Panic has been in contact with both the FBI and Apple. Apple's security team is "standing by to quickly shut down any stolen/malware-infested versions" of Panic apps that are discovered, while the FBI is actively investigating the attack.

Panic is asking customers to notify the company of any unofficial or cracked versions of Panic apps that are discovered in the wild, as any such content is likely infected with malware.

Tags: Handbrake, Malware, Panic

Top Rated Comments

mw360 Avatar
mw360
102 months ago
Probably an idea to just give it away now. If it's free from their site it won't be downloaded elsewhere.
Any excuse for some freebies...
Score: 16 Votes (Like | Disagree)
canadianreader Avatar
canadianreader
102 months ago
I really like Panic apps I bought both Coda and Transmit my only regret is when they pulled out Coda from the AppStore and made it only available thru their website. Maybe be it's time to put it back on the app store
Anyway they don't deserve this and they have my empathy and compassion for what they're going thru.
Score: 11 Votes (Like | Disagree)
roland.g Avatar
roland.g
102 months ago
Not that I wish anything bad on anyone but am I the only one wondering why he was downloading a utility like Handbrake onto a machine with the company source code. Seems like that was not the wisest move.
Score: 9 Votes (Like | Disagree)
MichaelQ Avatar
MichaelQ
102 months ago
If apps like Handbrake were allowed in the App Store this wouldn't have been a problem in the first place.
Score: 7 Votes (Like | Disagree)
noah82 Avatar
noah82
102 months ago
Yikes. Maybe it's time to.......Panic!!
Score: 6 Votes (Like | Disagree)
zorinlynx Avatar
zorinlynx
102 months ago
There are many great applications out there that cannot be added to the app store due to Apple restrictions.

In many cases it would not be possible to modify these applications accordingly.
Yeah, that's the biggest problem, and it's why the Mac App Store hasn't caught on more than it has. Apple requires all MAS apps to enable sandboxing, which greatly limits what a Mac application can do, among other issues.

Apple never should have applied the same policy to Mac App Store apps as they did to the iOS App Store. Macs are full-fledged general purpose computers with a different usage scenario than iOS devices; treating them both the same for app policy is short-sighted.

I remember when there were a far greater variety of apps in the Mac App Store, then Apple tightened the policies and a bunch of app developers jumped ship, distributing directly instead. It's a shame because the store was a good idea, just poorly executed.
Score: 6 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 19 visionOS UI Elements

iOS 19 to Have Some of the 'Biggest' Design Changes in iPhone's History

Sunday March 16, 2025 10:35 am PDT by
Apple is planning some of the "biggest iOS and macOS redesigns in its history," according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman reiterated that iOS 19 will have a visionOS-like design with more transparent interfaces:The new interfaces will adopt the design principles introduced in visionOS, the software for Apple's Vision Pro headset. That includes greater...
Read Full Article157 comments
iphone 17 pro asherdipps

iPhone 17 Pro Max Rumors Allegedly Refer to 'iPhone 17 Ultra' Model

Friday March 14, 2025 7:56 am PDT by
If you've been following iPhone rumors over the last few years, you may remember reading reports that Apple flirted with the idea of introducing a super high-end "Ultra" model that would either replace its Pro Max device or sit above it in Apple's smartphone hirearchy. These reports appeared in the pre-launch iPhone 15 and iPhone 16 rumor cycles, but ultimately came to nothing. Now though, the...
Read Full Article145 comments
iPhone 17 Air Size Feature

Ultra-Thin 'iPhone 17 Air' Rumored to Include These 12 Features

Saturday March 15, 2025 10:50 am PDT by
While the so-called "iPhone 17 Air" is not expected to launch until September, there are already plenty of rumors about the ultra-thin device. Overall, the "iPhone 17 Air" sounds like a mixed bag. While the device is expected to have an impressively thin and light design, rumors indicate it will have some compromises compared to iPhone 17 Pro models, including only a single rear camera, a...
Read Full Article118 comments
Bent iPhone Air Feature

Apple Canned Larger iPhone 17 Air Model Over Fears of Bendgate 2.0

Monday March 17, 2025 4:07 am PDT by
Apple prototyped a larger ultra-slim iPhone 17 Air with a 6.9-inch display, but ultimately decided not to go ahead with the device because of fears that it could be susceptible to bending, according to a new report. Bloomberg reporter Mark Gurman, writing in his latest Power On newsletter: When it first started work on the phone, it prototyped a device with a 6.9-inch screen — matching...
Read Full Article94 comments
iphone 16 pro models 1

Apple's First Foldable iPhone Estimated to Cost Nearly Twice as Much as iPhone 16 Pro Max

Monday March 17, 2025 6:42 am PDT by
In an investor research note today with British bank Barclays, analyst Tim Long said Apple's first foldable iPhone could have a starting price in the $2,300 range in the United States, which would make it by far the most expensive iPhone model ever. If the first foldable iPhone starts at $2,299, that means it would cost nearly twice as much as the iPhone 16 Pro Max, which starts at $1,199. ...
Read Full Article259 comments
iPhone 17 Air Size Feature

'iPhone 17 Air' Rumored to Start at $899 With Surprisingly Good Battery Life, Camera Control, and More

Sunday March 16, 2025 9:05 am PDT by
Bloomberg's Mark Gurman today shared some new details about the rumored iPhone 17 Air. In his Power On newsletter, Gurman said he was told that the device may start at roughly $899 in the U.S., which means that it would occupy the same price point as the iPhone 16 Plus. This would make sense, as it has been widely rumored that the Air model will take over the Plus model's spot in the iPhone...
Read Full Article52 comments
General iOS Mail Feature

iOS 18.3.2 Broke iCloud Mail Delivery

Monday March 17, 2025 3:31 pm PDT by
The iOS 18.3.2 update that Apple released last week appears to have broken iCloud Mail for some users. There are multiple complaints on Reddit and the MacRumors forums from users who say that iCloud Mail is not able to push new iCloud emails to their iPhones after the iOS 18.3.2 update. Affected users say that despite having the correct settings enabled, new iCloud emails are not showing up...
Read Full Article73 comments
iphone 16e usb c feature

'iPhone 17 Air' is Step Towards Slimmer iPhones Without USB-C Ports

Sunday March 16, 2025 9:36 am PDT by
Apple considered launching the iPhone 17 Air without a USB-C charging port, according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman said that while Apple ultimately decided against making the iPhone 17 Air its first iPhone model without a charging port, the idea is still on the table for future iPhone models. He said the iPhone 17 Air will "foreshadow a move to...
Read Full Article257 comments