Oh malware, how much no one and I mean absolutely no one likes you. Malware can even get in applications that we use just about every day and if you’re one that uses the HandBrake video converter program on macOS, hackers have been able to get into the download server and infect it with malware. If you downloaded HandBrake between May 2nd and May 6th, your Mac may be infected with Proton malware.
Only a download mirror, hosted by download.handbrake.fr was hit by the hackers but the main download service is unaffected. The downside is that anyone who downloaded version HandBrake-1.0.7.dmg from this server has a 50 percent chance of getting the trojan says the HandBrake team. Now, if you’ve been on version 1.0 and then upgraded to version 1.0.7 you should be ok because the program wouldn’t have been able to update with the malware present. If you were running version 0.10.5 and downloaded the newest version within the timeframe though you may be affected, so make sure you check your computer.
An analysis was done by the director of security research at Synack, Patrick Wardle, who says the infected HandBrake program contains a new version of the Proton malware for macOS. If you’re not familiar with Proton malware, the gist of it is that it’s a Remote Access Tool (RAT) that’ll be able to take keylogs, take screenshots from webcams, and take any files whenever and leave no trace behind.
Luckily, HandBrake’s forums have provided details on how to manually remove the malware and urges whoever finds the malicious files to change their passwords in macOS keychains and web browsers being used. Hey, at least there’s a way to manually remove the program, but at the same time, someone’s information has already been claimed by attackers. Hopefully none of you guys have been affected, but in case you have, change your passwords immediately and keep an eye out on your accounts.
Last Updated on May 9, 2017.