Trojaned BitTorrent client
Recently news broke of the first ransomware attack that affects Apple computers. Tod Beardsley,
Security Research Manager at Rapid7, had this to say on the topic:
The Trojaned BitTorrent client, Transmission, illustrates the chain of trust that
end users of all stripes enter into and how it can break down. This incident appears
particularly sophisticated, since it involves a compromise of a software developer’s
distribution site and an unrelated and likely stolen signing key.
The fact that the compromise was discovered and mitigated in under a day means that
the end users of Transmission are at fairly low risk; victims would have had to have
downloaded the malicious disk image (DMG) installer and executed it in a relatively
Transmission is a solid and mature open source project, and I’m sure the maintainers
are investigating how the website compromise happened in the first place in order to
avoid getting Trojaned in the future.
Image Source: Pixbay