Transmission BitTorrent client infected with malware... AGAIN

31 August 2016, 01:04

Feature head image

Security researchers have identified a malware infection in the official Transmission 2.92 update for Mac OS X, offered for download via the official Transmission website. The infected binary file was digitally signed, so users would not be aware the download was not official.

Transmission developers have acknowledged the problem and removed the infected binary. They say the 2.92 update offered within the app’s own update mechanism did NOT contain the malware. Mac Kung Fu’s test Mac had already received the update and showed no sign of infection.

The Transmission download was infected with the OSX/Keydnap malware, which raids the user’s Keychain file, sending usernames and passwords to a control server, and then maintains an open backdoor on the system.

The Transmission developers say the infected download was available “somewhere between a few hours and less than a day“. The developers provide instructions on how to clean-up the infection here.

This is the second time this year the official Transmission Mac binary has been infected with malware. In March the Transmission server was hacked and the official OS X 2.90 download replaced with one infected with OSX.KeRanger.A malware.

It’s not unnatural to speculate that either the security hole used by hackers to infiltrate the server back in March wasn’t successfully closed, or even that a rogue member of the Transmission team might be responsible for the malware. Either way, this is a huge embarrassment for the app, and will surely drive away users.

In the somewhat wild west world of BitTorrent clients, malware infections are not rare. It’s claimed even the official BitTorrent client is currently infected with malware, for example, while the Utorrent app has experienced frequent malware and adware accusations.

Nonetheless alternatives to Transmission do exist on Mac OS X, such as qbittorrent and Deluge. Although we at Mac Kung Fu stop short of providing recommendations for either app, simply because we haven’t used either, they are both respected projects within the BitTorrent community.

Leave a comment...

OMG! Again? I’m not sure that this won’t happen again. I have switched to Folx right after 1st transmission attack, happy with it

— Darun Smith · Sep 1, 06:09 AM · #