Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
BitTorrent Client Transmission Again Victimized by OS X Malware
- Thread starter MacRumors
- Start date
- Sort by reaction score
I'm with you. And I'm pretty sure I haven't actually updated Transmission since I installed it. Looks like that's turning out to be the correct strategy.
I use 1.8.8 build 40420. Not sure what the terms are here on these forums but if they allow it, i can upload it and post it somewhere
The package was signed by a genuine Apple certificate. There has been talk of certificates being on the loose before. And the similarity to KeRanger can't be a coincidence.
Can it bypass gatekeeper on the highest setting or on the middle setting?
I'd say you're asking for trouble when using software that is associated with downloading pirated works. When it all goes bad it's like calling the cops because someone stole your drugs.
I'd say you're asking for trouble when using software that is associated with downloading pirated works. When it all goes bad it's like calling the cops because someone stole your drugs.
..and still 32 bit.....
[doublepost=1472595345][/doublepost]
Well, that is never going to happen.
[doublepost=1472595452][/doublepost]
Only if you downloaded the app on the 29 of August or later, you are in trouble. If not you are good to go.
The last update was in March after the first attack, since than there hasn't been an update. Unless you downloaded the app on 29 August or later, you do not need to worry....at least for now.
[doublepost=1472595893][/doublepost]Anything on Apple updating Gatekeeper to deal with this?
It can actually, and has happened. While the review process is a safety, its not fool proof.
Well it's easy to blame the developer, but consider what Transmission can be used to do. How much would an entity like the MPAA be prepared to invest in disrupting torrent distribution? I would think a humongous sum, and they could hire some of the most badarsed h4XXOr5 to make it happen.
How much chance does a small developer stand against hacking that rises to the sophistication level of state sponsored cyber warfare?
How much chance does a small developer stand against hacking that rises to the sophistication level of state sponsored cyber warfare?
Nope. The kind folks at RIAA have had their way. Lots of folks do it, but it isn't legal.
No, but there's a free app that will remove the DRM for playback in any video player. The catch is it only works with an older version of iTunes.
[doublepost=1472602876][/doublepost]As for Transmission, I have never tried it and after the last malware scare decided I never will.
Dang. I guess I’ll just have to spend $50 on the Tune4Mac DRM ripper.
[doublepost=1472604418][/doublepost]
Oh, okay. Admittedly, a $50 DRM ripper is a lot cheaper than re-buying all of my iTunes videos on Blu-Ray or DVD and then ripping the discs, especially since I don’t have a Blu-Ray drive.
Last edited:
If the first time wasn't obvious then a second time should be that they need to get their act together.
A quick question, how was it done? The way I read it, (or the impression it gave me) was that the website was compromised, so it started spreading infected version of the app. Normally I'd assume an infected app was uploaded to a different website, but in this case, I don't understand how the developers behind the app could let it happen twice.
This hasn't actually been tested in court IIRC.
There was a guy who torrented a bunch of movies he owned on disc and the studios tried to start a suit against him (sorry, can't find info on it right now) -- but they suddenly decided to drop the case after they found out he was actually very wealthy and willing to go to court on the matter. The studios thought he would just roll over and pay their settlement extortion and were afraid they would lose in court -- setting a precedent that they would have to show a target for such lawsuits did not own the copyrighted work in question before they could sue them.
The issue is the movie studios are trying to have their cake and eat it, too. They want to claim when you buy a movie on disc you are not really buying the movie to do with as you please, you are only buying a license to view the movie. But if that's true it means they would have to supply replacements for scratched DVDs and such because the consumer would still be a legal owner of a license in the event of physical media damage, and the studio would be denying the consumer use of the license they paid for otherwise.
A blu-ray drive can be bought for less than $50 on sale. It's also noteworthy that many times movies can be bought on blu-ray for the same or less than you can get them on iTunes. So financially, it would make more sense to stop buying stuff on iTunes and just buy the actual disc and rip your own digital copy (this also keeps you off illegal torrents). If you have a NAS and a decent Internet connection you can even host this digital copy on your own private streaming service to access away from home.
There's a big world of possibilities when you don't restrict yourself to Apple's little walled playground.
Being in the App Store does not prevent an app from being malicious. The review process is fallible and some bad things have slipped through.
Sandboxing prevents apps from accessing or writing to any directory users do not explicitly authorize. Even then, if the binary was still infected in some way, it could still write infected files to the directory the user authorized. The only thing sandboxing would stop would be the spread of the infected files to non-confined directories.
When the security of my Mac is concerned, I love boring.
[doublepost=1472634812][/doublepost]
When you sign up as an Apple Developer, you can add people to your account in various roles, for example administrator, financial, developer and so on, and these people can do different things. An administrator can add more people, including developers, who then have code signing keys. So if you have either a rogue developer in your company, or a rogue administrator in your company who adds a criminal developer, then you have a person with code signing keys who can put apps to the store for review which look to Apple, to everyone's Mac, and to the rest of the world, as if they come from your company.
Or you might have fired a developer or admin with the required rights, and not removed them from your Apple account, and years later they might turn criminal. Or someone might steal a badly protected computer from the right person.
[doublepost=1472634954][/doublepost]
The only problem with this is that if the MPAA was caught, that could be sooooo expensive, and I'm quite sure people would go to jail for this.
[doublepost=1472635039][/doublepost]
That has happened. And the police made two arrests for the price of one.
Updates are always safe because it checks an additional digital signature that can be created only by Transmission developers (and hopefully the private key is not kept on the server).
So the malware was only if the version downloaded manually from the website.