Handbrake

Mac users, take note. The developers of popular open source video transcoder app Handbrake have issued a security warning after one of their mirror download servers was hacked.

An alert was issued on Saturday after the developers discovered that the original Handbrake-1.0.7 dmg installer on the download.handbrake.fr mirror server was replaced by a malicious file. The affected server has been shut down for investigation.

Do note that if you’ve downloaded the app between 14:30 UTC, 2 May and 11:00 UTC, 6 May, there’s a 50% chance that it may be infected by a Trojan. In an alert sent out on Saturday, it warns that if you see a process called “Activity_agent” in the OSX Activity Monitor, then you’re infected.

If you’re infected, here’s how you remove it. You’ll need to fire up Terminal and follow the commands below:

  • launchctl unload ~/Library/LaunchAgents/fr.handbrake.activity_agent.plist
  • rm -rf ~/Library/RenderFiles/activity_agent.app
  • if ~/Library/VideoFrameworks/ contains proton.zip, remove the folder

For reference, if you’ve installed a HandBrake.dmg with the following checksums, you will also be infected:

SHA1: 0935a43ca90c6c419a49e4f8f1d75e68cd70b274
SHA256: 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793

You should remove any Handbrake.app installs from your computer. If you’ve a utility like CleanMyMac, even better.

Just as a precaution, change all your passwords that may be in your OSX KeyChain, or any stored browser passwords.

As a primer, the malware is a new variant of OSX.PROTON – a Mac-based remote access Trojan. It gives the attacker root-access privileges.

READ ALSO  Apple Red Friday: Special One-Day Event At Apple Online Store

In February, Apple updated its built-in security software XProtect to defend against the original Proton. Apple is said to have updated XProtect definitions and it should already be seeded to devices automatically.

According to Handbrake, the Download Mirror Server is undergoing a complete rebuild from scratch, so downloads may be slower than usual.

Source: Handbrake via Macrumors

  • Show Comments

Your email address will not be published. Required fields are marked *

comment *

  • name *

  • email *

  • website *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You May Also Like

iPhone 5

Analysts: Apple iPhone 5 Sales to Top 5 Million in 3 Days

According to industry analysts, Apple is poised to sell five million iPhone 5s in ...

Final Cut Pro X

Apple Updates Final Cut Pro X

Apple has released Final Cut Pro X v10.0.3, a significant update to the pro ...

Lion Roars, Apple Soars to New Record Quarter for Macs

Apple‘s latest Mac OS X release – 10.7 Lion, released on July 20, and ...