Trojan horse compromises Handbrake software


The popular video transcoding app Handbrake experienced a hack last week. Someone had gained access to its download distribution mirror and swapping out the legit application with one containing a trojan horse. The compromised software was available for download between May 2, 2017 and May 6, 2017.

Patrick Wardle has a good analysis of what the trojan horse does:

As with KeRanger and Keydnap, hackers targeted an official distribution website of legitimate macOS software. With access to HandBrake's mirror, they trojaned the legitimate application, meaning any user who downloaded the application would inadvertently infect themselves!

Luckily the trojaned disk image was only online for a few days. However as is often (always!?) the case, no anti-virus products flagged the malware :( So if you recently download HandBrake, unless you were running something like BlockBlock you'd likely have been infected.