For the second time in five months, Transmission BitTorrent client για Mac μολύνθηκε με malicious software.
Malicious software called OSX / Keydnap is designed to steal the keychain content into OS X systems and to maintain a backdoor backdoor.
According to ESET researchers who discovered malware:
"Κατά τη duration των τελευταίων ωρών, το OSX/Keydnap άρχισε να διανέμεται από μια αξιόπιστη ιστοσελίδα, μέσω της ανασύνθεσης του ανοιχτού κώδικα του BitTorrent client Τransmission."
The good news is that "within minutes" of being notified, the Transmission team removed the malicious files from their server. The bad news is that it is known how many people have downloaded the app.
Malware has a digital signature of 28 in August, so ESET advises anyone who downloaded Transmission 2.92 from 28 to 29 August to remove it directly from his system.
If you think you will be infected, check for any of the following files or folders on the paths:
/Applications/Transmission.app/Contents/Resources/License.rtf /Volumes/Transmission/Transmission.app/Contents/Resources/License.rtf $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/icloudsyncd $HOME/Library/Application Support/com.apple.iCloud.sync.daemon/process.id $HOME/Library/LaunchAgents/com.apple.iCloud.sync.daemon.plist /Library/Application Support/com.apple.iCloud.sync.daemon/ $HOME/Library/LaunchAgents/com.geticloud.icloud.photo.plist
If you see these files according to ESET says your system is infected.
If you have OSX / Keydnap on your system, you can remove it with a trusted antivirus. There is also a script on GitHub which you can run through the OS X terminal to delete the malicious software.