Handbrake users should note that the primary download mirror and the Handbrake website were unaffected by the hack. Apple initiated the process to update its XProtect definitions on Saturday and the update should already be rolling out to machines silently and automatically. Apple updated its macOS security software XProtect in February to defend against the original Proton malware. The malware in question is a new variant of OSX.PROTON, a Mac-based remote access trojan that gives the attacker root-access privileges. As an extra security recommendation, users should also change all the passwords that may reside in their OSX Keċhain or in any browser password stores. Users should then remove any installs of the Handbrake.app they have on their system. if ~/Library/VideoFrameworks/ contains proton.zip, remove the folder.rm -rf ~/Library/RenderFiles/activity_agent.app.launchctl unload ~/Library/LaunchAgents/fr.handbrake.activity_ist.To remove the malware from an infected computer, users need to open up the Terminal application and run the following commands: "If you see a process called 'Activity_agent' in the OS X Activity Monitor application, you are infected," read the alert. The affected server has been shut down for investigation, but developers are warning that users who downloaded the software from the server between 14:30 UTC May 2 and 11:00 UTC May 6 have a 50/50 chance of their system being infected by a trojan. The alert was issued on Saturday after it was discovered that the original HandBrake-1.0.7.dmg installer file on mirror server had been replaced by a malicious file. The developers of open source video transcoder app Handbrake have issued a security warning to Mac users after a mirror download server hosting the software was hacked.
0 Comments
Leave a Reply. |