Start United States USA — IT Popular video-encoding Mac app HandBrake compromised with malware

Popular video-encoding Mac app HandBrake compromised with malware

592
0
TEILEN

If you’ ve recently downloaded HandBrake, be sure to check out this removal guide
The creators of media transcoding program HandBrake have issued a statement warning that certain downloads of the installer for the Mac version of the app may contain a Trojan virus.
Downloading the app between May 2 (14: 30 UTC) and May 6 (11: 00 UTC) from the “download.handbrake.fr” mirror means you have a 50-percent chance of being infected with the Trojan. Automatically updated apps (using updater version 1.0 and above) , and files downloaded from the primary mirror are unaffected.
The attackers replaced the usual HandBrake installer file, titled ‘HandBrake-1.0.7.dmg’ , with a version that also contained the Trojan virus, so checking if you have this file on your system and seeing when it was downloaded is the first step to identifying the threat.
If you still have the installer file, you can also check if it has either of the following checksums, which likewise indicate that it contains the Trojan.
For a step-by-step on determining a file’s checksums, check out this how-to .
Removing the malware is thankfully quite simple. Open the Terminal by searching for it in the Launchpad and type the following commands (without the bullet point) , hitting enter after each line.
Once you’ ve done this, open your Applications folder and remove any instances of Handbrake.app there (or any other locations you may have installed it to) .
Because this Trojan targets passwords and sensitive information, if you’ ve been infected it’s recommended you change all passwords that are stored in Apple’s macOS KeyChain or any similar password-storing services, such as browser-based password stores. Note that deleting passwords from these services isn’ t sufficient — you’ ll need to actually change each password that has been stored in one of these locations, as they could have already been sent to the Trojan’s creators.

Continue reading...