six colors

by Jason Snell & Dan Moren

Support this Site

Become a Six Colors member and get access to an exclusive podcast, private community, and monthly newsletter!

Linked by Dan Moren

BitTorrent client Transmission once again infected by malware

Whoops. Transmission, the BitTorrent client that was hit by injected malware back in March seems to have been targeted again:

Last month ESET researchers wrote an article about a new OS X malware called OSX/Keydnap, built to steal the content of OS X’s keychain and maintain a permanent backdoor. At that time of the analysis, it was unclear how victims were exposed to OSX/Keydnap. To quote the original article: “It could be through attachments in spam messages, downloads from untrusted websites or something else.”

During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.

The malware in question sounds very similar to the one that Transmission was hit with last time. ESET runs down the files to look for if you think you may have been compromised; they believe it affected anybody who downloaded Transmission 2.92 from August 28th, 2016 to August 29th, 2016.

As with last time it doesn’t seem to have affected those who simply have Transmission on automatic updates, but details are still unclear.