Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Transmission the Popular BitTorrent Client Yet Again Associated with Mac Malware

A ransomware and the first to infect Mac affected Transmission a BitTorrent application. Only five months following that, the widely-accepted client of BitTorrent has again become associated with another OS X malware just detected.

Researchers with We-Live-Security a security website have uncovered the malicious program as OSX/Keydnap. It was proliferated via Transmission's recompiled version and done from its authorized site.

The malware bundled with Transmission would run, the application proving sufficient for the purpose, even there wouldn't be need for it to authenticate its user except to the extent that enables Transmission's installation. Moreover, with the right signature of Transmission, it was easy to have Gatekeeper's consent for getting the malware planted.

The latest Keydnap version acquiring root access enables its command-and-control infrastructure for determining the decryption code required in connection with the computer operator's Keychain. After this, the saved passwords get uploaded. Passwords saved in Keychain consist of system passwords; login credentials to access different service websites, like Amazon login details; Gmail passwords; and banking credentials.

It mayn't be a long time the malware would make impact. Transmission's affected version remained like that for approximately 24-hrs after which researchers withdrew it, with security firm ESET notifying Apple of Keydnap. The immediate need is stopping that key from working so that the malware wouldn't run. Nevertheless, it only reiterates that even hard-core protections for users' computers wouldn't necessarily detect malicious codes. Engadget.com posted this, August 30, 2016.

Although in July, ESET posted the malware's details, still the company was not sure in what way it was proliferating. Possibly the sources were files attached to spam mails, content pulled down from dubious sites, else other.

Albeit Transmission didn't instantly react to let comments flow in, the problem is being investigated. Nevertheless earlier in 2016, BitTorrent's client too distributed one Mac-targeted ransomware -KeRanger.

Similar as with KeRanger's instance, one genuine key that would sign to authenticate code was utilized for signing the malware-included Transmission app package. It is unlike the real Transmission authentication, however, still Apple signed it and Gatekeeper safeguards couldn't detect it. It's expected ESET's products would identify and eliminate Keydnap malware too.

ยป SPAMfighter News - 9/5/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page