• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

BitTorrent Client ‘Transmission’ Dropping Keydnap Malware on Mac Devices

August 31st, 2016 Uzair Amir Security, Malware 0 comments
BitTorrent Client ‘Transmission’ Dropping Keydnap Malware on Mac Devices
Share on FacebookShare on Twitter
Popular BitTorrent Client Transmission got their website infected with Keydnap Malware — The same malware was detected a couple of months ago targeting Mac users.

In July this year we reported on Keydnap malware targeting Mac users, stealing OS X system keychain and maintaining a permanent backdoor. Now, researchers have discovered the same malware in the website of a BitTorrent client called Transmission and yet again target is none other than Mac users.

Read: OmniRat Allows Cyber Criminals Hack Mac, Linux, Windows PC and Android Phones

The IT security researchers at ESET were the first one to discover this malware back in July and this time, it’s the same researchers who have exposed the OSX/Keydnap with additional capabilities of using Transmission BitTorrent client through its official website.

“During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.”

Currently, it is unclear how Transmission website was distributing OSX/Keydnap but according to ESET researchers, the malware has been removed from the site however those who downloaded Transmission client in the last couple of days should scan their Mac if it has been infected by Keydnap or not.

Remember, other than stealing OS X system keychain, the Keydnap malware keeps a permanent backdoor that can allow attackers to remotely target an infected Mac device. 

If you have download Transmission BitTorrent client, check if your system is compromised by testing the presence of any of the following file or directory:

  • /Applications/Transmission.app/Contents/Resources/License.rtf
  • /Volumes/Transmission/Transmission.app/Contents/Resources/License.rtf
  • $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/icloudsyncd
  • $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/process.id
  • $HOME/Library/LaunchAgents/com.apple.iCloud.sync.daemon.plist
  • /Library/Application Support/com.apple.iCloud.sync.daemon/
  • $HOME/Library/LaunchAgents/com.geticloud.icloud.photo.plist

Transmission has also started a Faq section dedicated to answering its users about Keydnap malware according to which:

“It appears that on or about August 28, 2016, unauthorized access was gained to our website server. The official Mac version of Transmission 2.92 was replaced with an unauthorized version that contained the OSX/Keydnap malware. The infected file was available for download somewhere between a few hours and less than a day.”

[fullsquaread][/fullsquaread]

Read: Torrent Sites Drop Malware to 12 Million Users Monthly, Earn $70 Million A Year

This is not the first time when Transmission was found delivering malware on Mac devices. In fact, the first ever Mac ransom malware was also spreading itself through Transmission’s website.

  • Tags
  • Apple
  • Cyber Crime
  • internet
  • Mac
  • Malware
  • Ransomware
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Hackers Stole 68M Dropbox Passwords (Change yours now)
Next article Electronic Arts, EA Servers Down? PoodleCorp claims it DDoSed Gaming Giant
Uzair Amir

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

32
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

74
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

99

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us