Source Code of Panic Apps Stolen by HandBrake Malware


It’s been a tough week for Mac security. To begin with, Check Point cautioned users about a Trojan that was the first of its kind. Now one of the most prominent video transcoding applications for Mac has a malware problem.

At the beginning of May, a mirror download server hosting the popular Mac transcoder app HandBrake was compromised, and the genuine version of HandBrake was replaced with a copy infected with the OSX.PROTON remote access trojan, which gave the attacker easy root access to a Mac.

An engineer at Panic Inc. downloaded HandBrake, and that enabled the theft of the source code of Panic’s apps. Panic offers several applications, including the web editor Coda, the FTP application Transmit, Firewatch, and the SSH client Prompt.

It appears that the attackers got into the Panic engineer’s computer through the infected HandBrake app and were able to steal credentials, including git credentials. The attacker also managed to clone some of the source code and then demanded “an extensive bitcoin payment”. Panic Inc. was in no mood to pay to stop the release of the source code.

After the source code was stolen, Panic reviewed its logs and found that the theft was the only damage done. There was no sign that customer data was acquired by the attacker, or that Panic Sync information was read or tampered with. Finally, there was no sign that the web server was compromised.

As Panic pointed out, the stolen source code could be used by the attackers to build malware-infected versions of the apps, so users should be watchful and download Panic apps only from the company’s website or from the Mac App Store.

Panic is working closely with the FBI and Apple. Apple’s security team is on standby to quickly shut down malware-infected versions of Panic applications, while the FBI is actively investigating the case.

Panic is asking users to report any unofficial versions of Panic apps they come across, since these are most likely carrying malware.

Related Blog: 

https://hackercombat.com/mac-os-malware-bypass-security-developer-certificates/

Julia Sowells

Julia Sowells is a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she runs her own consulting firm as a security consultant while continuing to write for Hacker Combat in her limited spare time.
