It is currently 24-09-2017 15:12

Popular BitTorrent-client accused of distributing malware for Mac

Popular BitTorrent-client accused of distributing malware for Mac

by sigismund » 2016-08-31 15:19:11


OSX/Keydnap spread in the composition of the recompiled version of the Transmission, signed with legitimate digital certificates from Apple.


Attackers invent different ways of spreading malicious software, including via the app. In one case, the malware contained the popular BitTorrent client Transmission. We are talking about the malware OSX/Keydnap can steal the contents of the keychain access Mac OS X and to function as a backdoor that allows the attackers to gain permanent access to a compromised system remotely and execute various commands.

According to experts of the company ESET, which monitors the activities of OSX/Keydnap since July of this year, the malware was distributed on a trusted site in the composition of the recompiled version of the Transmission, signed with legitimate digital certificates from Apple. Thus, malware could bypass the security Gatekeeper.

Currently, fake version is already removed from the official Transmission website. However, experts recommend that users who downloaded the client last weekend, to check the presence of malware.

Previously, BitTorrent-client was seen in the distribution of other malware - ransomware KeRanger. After analyzing both attacks, ESET experts discovered a number of similarities. In particular, in both cases, was used almost the same code to load and run a malicious module.

At the moment it is not known how fake the client ended up on the official website. The researchers believe that attackers could hack the resource and to place a "modified" version of the app.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5