Malware hidden in vid app is so nasty, victims should wipe their Macs
If you downloaded and installed stuff from Eltima, you are totally screwed
By Iain Thomson in San Francisco
20 Oct 2017 at 19:57
theregister.co.uk
It's going to be an unpleasant weekend for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications.
Eltima Software, which makes the popular Elmedia Player and download manager Folx, today confessed the latest versions of those two apps came with an unwelcome extra – the rather horrid OSX.Proton malware.
The software nasty, which was injected into downloads of the applications, was spotted by security shop ESET, which alerted Elmedia. A subsequent investigation revealed miscreants had got into the developer's servers, implanted the malware into the download files, and then let the company infect its users as they fetched the software.
Proton is a remote-control trojan designed specifically for Mac systems. It opens a backdoor granting root-level command-line access to commandeer the computer, and can steal passwords, encryption and VPN keys, and crypto-currencies from infected systems. It can gain access to a victim's iCloud account, even if two-factor authentication is used, and went on sale in March with a $50,000 price tag.
continues.... |
