HandBrake Video Transcoder for Mac’s Download Server Hacked, App Infected With Trojan

HandBrake Video Transcoder for Mac's Download Server Hacked, App Infected With Trojan

Earlier this year, HandBrake video transcoding tool was final upgraded to version 1.0.0 after 13 years in development and with the update, several changes and support for new devices were added. The crucial development has now been followed by a setback as the team behind HandBrake issued a warning specifically for Mac users on Saturday saying that a download server hosting the software was hacked, and the app that was available for download infected with a Trojan malware.

As per the warning issued by HandBrake, users who downloaded the software between May 2 and May 6 need to check whether their system is infected with a Trojan malware that’s a variant of OSX.PROTON. In HandBrake’s own words, “You have 50/50 chance if you’ve downloaded HandBrake during this period.”

In order to check whether you have been infected or not, you need to see if there is a process called “Activity_agent” in the OSX Activity Monitor application. If you do see this application, you have been infected. In order to remove the Trojan, you need to run a particular set of commands, mentioned on the forum by the HandBrake team.
Then you need to remove any “HandBrake.app” installations that you might have on your system. “Based on the information we have, you must also change all the passwords that may reside in your OSX KeyChain or any browser password stores,” HandBrake said.

HandBrake says that the team has been informed by Apple that the process to update the definitions for OSX’s XProtect feature started on Saturday and should start rolling out to machines automatically soon if not already.