What can the average user do about this? Although it will seem to be inconvenient, it’s important to check the certificate used to sign an app before opening it.
#Torrent mac francais mac os x#
As far as Mac OS X was concerned, it was a legitimate app with a proper code signature, and the user would never know it was signed with a certificate owned by someone other than the developer. However, without third-party tools or technical knowledge, the user has no way of knowing who actually signed the app… only that Mac OS X isn’t preventing them from opening it.īoth times the Transmission app has been replaced with a maliciously-altered copy, those copies were actually codesigned. Recent versions of Mac OS X will not, by default, open an app that isn’t codesigned. Mac apps are typically codesigned, meaning that the app’s code has been cryptographically signed using a certificate provided to the developer by Apple. The core of the issue, above and beyond the issue of hacking a website, is that it is trivial to hack an app without most users noticing. To be fair, such a hack could easily be repeated with many other small Mac developers who don’t have adequate security practices.
#Torrent mac francais mac torrent#
With other Mac torrent apps (such as uTorrent) guilty of installing adware on the user’s Mac, it’s may be difficult to find one worthy of trust. If you’re using a different torrent app, be very cautious about which one and how you use it. This does not seem to me to be something that should easily happen to a company that is serious about security. Although I have no knowledge of Transmission’s code, the fact that the developer’s site has been hacked to distribute malware twice in a relatively short period of time does cause me a great deal of concern. Any app that opens up your computer to remote connections by strangers is a potentially highly dangerous app.Īs you would expect, although there are ways to do this kind of thing fairly safely, a lot of that safety depends on the quality and security of the app’s code. Thus, torrent apps can be a huge hole in your Mac’s security if they aren’t properly configured or have vulnerabilities that can be attacked remotely.
#Torrent mac francais download#
(Torrents are designed to facilitate peer-to-peer downloads, meaning that you download from other people rather than from a central server that may get bogged down.) After all, a torrent client is not only a downloader, it is also a server, designed to allow strangers to download from your computer. More generally, any time you are running something like a torrent client, you are giving a lot of trust to that program. Although security can never be 100% perfect, it is concerning that they’ve been hacked twice in such a short period, in such a similar manner. One would have expected the Transmission team to have learned from the first incident and taken steps to prevent it from happening again. There’s good reason to be questioning the safety of Transmission right now.
However, there are a couple important takeaways from these incidents. It seems likely that both pieces of malware may have been made by the same individual(s), and may be reasonable to speculate that the perpetrator could have some inside knowledge that has aided in gaining access to the Transmission website. Not only have they both been distributed through a Transmission hack, but there are some similarities in the code added to Transmission in both cases. More interesting is the fact that this incident seems to indicate that KeRanger and Keydnap may be related. There are a few differences, but none are particularly interesting, other than its method of distribution. Assuming that this is the same Igor, it seems likely that this could be a case of a stolen certificate being used to sign malware.Īll in all, this is not greatly different from the previous Keydnap variant. The malicious copy of Transmission was signed using an Apple developer certificate that appears to be owned by Igor Shaderkin, and someone by the same name has several medical apps in the iOS App Store. Thus, as with KeRanger, which was also quickly detected and taken down, the total number of people infected is likely to be small, though that’s no consolation to those few. According to ESET, the malware appears to have been distributed only since around August 28th or 29th, and was quickly taken down by the Transmission team after being notified of the issue. The recent incident was discovered by ESET, the original discoverer of Keydnap. Transmission has once again become a vector for the transmission of malware – in this case, a new variant of the Keydnap backdoor. That incident was very well-publicized, as the malware being distributed this way was the KeRanger ransomware, which is currently the only real ransomware ever to affect the Mac platform.Īlmost exactly six months later, the story has repeated. In March, the website of the Transmission torrent client was hacked, and a maliciously-altered copy of Transmission was uploaded in place of the real one.
0 kommentar(er)
