Mac owners who have recently downloaded Elmedia Player or Folx from Eltima Software may have unwittingly installed malware on their machines, reports ZDNet.
Downloads of Folx and Elmedia player were infected with Proton, a Remote Access Trojan, after Eltima's servers were hacked. The Proton backdoor lets attackers access browser information, keylogs, usernames, passwords, macOS keychain data, and more.
- /tmp/Updater.app/
- /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist
- /Library/.rand/
- /Library/.rand/updateragent.app/
Apple and Eltima have disabled the developer ID that was used to sign the Proton-infected software bundle, and Eltima is working with Apple to figure out what happened.
Anyone who was impacted by the malware will need to reinstall macOS to get rid of it. Eltima says it has taken action to prevent against further attacks and improve its server security. Clean versions of Elmedia Player and Folx are now available from the Eltima website.
Downloads of Folx and Elmedia player were infected with Proton, a Remote Access Trojan, after Eltima's servers were hacked. The Proton backdoor lets attackers access browser information, keylogs, usernames, passwords, macOS keychain data, and more.
In an email to ZDNet, an Eltima spokesperson said that the malware was distributed with downloads as a result of their servers being "hacked" after attackers "used a security breach in the tiny_mce JavaScript library on our server."The compromised software was discovered on October 19, and customers who downloaded software from Eltima on that date before 3:15 p.m. Eastern Time may be affected by the malware. The following files will be found on an infected system:
- /tmp/Updater.app/
- /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist
- /Library/.rand/
- /Library/.rand/updateragent.app/
Apple and Eltima have disabled the developer ID that was used to sign the Proton-infected software bundle, and Eltima is working with Apple to figure out what happened.
Anyone who was impacted by the malware will need to reinstall macOS to get rid of it. Eltima says it has taken action to prevent against further attacks and improve its server security. Clean versions of Elmedia Player and Folx are now available from the Eltima website.
51 comments
Apple today filed petitions with the United States Patent and Trademark Office challenging the validity of four Qualcomm patents amid an increasingly vicious legal battle, reports Bloomberg. Apple is...
Just weeks after Apple abandoned its plans to build a $1 billion data center in Ireland, and amid a major Irish tax dispute with the European Commission, Apple CEO Tim Cook ensures his company...
As a side note in his report about technical challenges facing the AirPower, expected to be released by September, well-connected reporter Mark Gurman also noted that Apple considered removing wired...
In the latest piece of news surrounding Apple's original television content plans, the company has given a series order to an adaptation of the French series "Calls," which aired in...
Apple aims to release its multi-device AirPower charging mat "before or in September," after facing a handful of technical challenges with its hardware and software, according to...
The Car Connectivity Consortium (CCC), an organization that includes Apple, today announced the publication of a new Digital Key Release 1.0 specification, which is a standardized solution designed...
Apple is partnering up with Sesame Workshop to create a range of programming for children, reports Variety. The partnership was established by Zack Van Amburg and Jamie Erlicht, who have been heading...
Toshiyasu Abe, a resident of Vancouver, Washington, has filed a lawsuit against Apple in Oregon district court this week, accusing the company of infringing upon his patent with Key Flicks and 3D...
