Users who updated to HandBrake 1.0.7 are safe, as the updater uses DSA signatures to verify the downloaded files. A VirusTotal scan of this file doesn't list any infection, but this was one of Proton's advertised features, as being "undetectable." You are infected," HandBrake developers say. "If you see a process called 'Activity_agent' in the OSX Activity Monitor application.
#Handbrake for the mac for mac
Users who downloaded HandBrake for Mac 1.0.7 are most likely compromised. Download mirror compromised for four daysĪccording to the HandBrake team, their servers were compromised between May 2, 2017, 14:30 UTC and May 6, 2017, 1:00 UTC. The RAT can be used to steal data from infected devices, but also to allow attackers to connect via VNC or SSH to infected hosts. The Proton RAT was first spotted in March when a crook put it up for sale on an underground hacking forum. The miscreant(s) replaced the Mac version of the HandBrake client with his own version, which also contained Proton, a Remote Access Trojan for macOS. HandBrake is a multi-platform transcoder, an app that helps users convert multimedia files from one format to another.Īccording to a security alert posted yesterday on the app's forum, an unknown attacker had compromised on of the website's download mirrors, located at. The website of the HandBrake app has been compromised, and one of its download mirrors modified to host a version of the Proton RAT embedded in the app's Mac client.
0 kommentar(er)
