Blog Layout

Mac HandBreak downloads infected by Trojan

Detangle IT • May 24, 2017
Mac HandBreak downloads infected by Trojan

macOS version of HandBrake, an open-source video transcoding software that converts multimedia files into various formats, was recently infected with a Trojan. According to HandBreak’s announcement, if you downloaded the app between May 2 (14:30 UTC) and May 6 (11:00 UTC), there’s a 50% chance that your system got infected. Read on to find out more.

How to know if your device was infected

HandBrake can be downloaded from its official website and via mirror sites, or sites that provide the same content as the primary site. Infected downloads came from the mirror site, download.handbrake.fr, where the installer file (HandBrake-1.0.7.dmg) was swapped with a Trojan file, OSX.PROTON. This malicious file managed to trick Apple's security approval system into deeming it as safe and legitimate.

One way to find out whether you’ve downloaded the Trojan is to look for an “activity_agent” process in the macOS by accessing the Activity Monitor application. Another way is by checking whether the installer file’s checksums match HandBreak’s public codes. You can do this by comparing your downloaded file’s codes with the ones found on HandBreak’s checksums page. If they don’t match, that means you’ve downloaded an infected installer file. This all might sound like a lot of tech gobbledygook, but these checks are essential to knowing whether or not your system has been infected.

The damage

The OSX.PROTON is considered one of the nastiest Trojans today because it can spy on computers from a remote location. It can monitor your activities, upload malicious files on your computer, steal your password and confidential information by detecting keystrokes or taking screenshots, and take over your entire system by hacking your admin settings.

Downloading an innocuous video transcoding application is not typically considered dangerous. However, downloading apps from unofficial sources definitely poses considerable risks. In such a scenario, a backed up data can save your malware-infected computer.

Precautionary measures

Fortunately, Apple has taken steps to block further infections by releasing an update. If your system has been infected, however, it’s not too late. Follow HandBreak’s suggested steps in removing infected files to mitigate any damage. You should also take additional security measures such as changing passwords from a different device. Better yet, get professional help from IT security experts.

Every time you download an app from an unauthorized source, know that there are risks. If you’re a Mac user, download apps only from the Apple Store; and for Android users, only from the Google Play Store. And to gauge the safety of the apps you want to download, it always helps to read their reviews beforehand.

The HandBreak macOS malware is just one of many that are attacking vulnerable systems. With the help of our network security experts, you can thwart cyber attackers’ attempts to steal your sensitive data, hold your files for ransom, or spy on your online activities. Call us now so we can recommend suitable protections.

By Detangle IT July 20, 2020
Scanning the files you download is not enough to detect malware these days. Hackers have found a clever way to get around antivirus and anti-malware software by using fileless malware. Since this malware is not as visible as traditional malware, it can infect your entire infrastructure without you even knowing. Let’s take a closer look […]
By Detangle IT July 15, 2020
Viruses and malware creators are out to attack anyone and everyone, including Mac users. Despite Apple’s robust macOS that makes it difficult to attack Macs, cybercriminals are finding ways to identify and exploit vulnerabilities. Read on to find out which threats you should protect your Mac against, as well as signs that your computer has […]
By Detangle IT July 3, 2020
Like people, websites also need to be dressed for success. Here’s how you can make yours look impressive and have visitors eager to do business with you. Make a statement with professional photographs Before site visitors read what’s on your website, they assess it by checking out your images. A picture is indeed worth a […]
SHOW MORE
Share by: