
Short News: Transmission contains malware, many others contain a vulnerability.


This time, only a short roundup of two Mac OS X app problems. If you’re into BitTorrent and you’re using a Mac, you most likely know “Transmission”. A user reported that a keylogger was found in his download. Palo Alto Networks has released in-depth research on the KeRanger infection of Transmission. The following statement sums it up:

Users who have directly downloaded Transmission installer from official website after 11:00am PST, March 4, 2016 and before 7:00pm PST, March 5, 2016, may have been infected by KeRanger. (…) Users of older versions of Transmission do not appear to be affected as of now. – Researchers at Palo Alto Networks

The second issue affects a large number of Mac apps that use “Sparkle”, a third-party framework the apps use to receive updates. Affected are Adium, Coda, iTerm, Tunnelblick, VLC, Camtasia, uTorrent, Sequel Pro and many others. The framework is vulnerable to man-in-the-middle attacks, which could allow malicious code to run. Here is the Proof of Concept by vulnsec.com:

You should read the Ars Technica and vulnsec articles, which cover all the technical details that I left out of my overview.

Huge thanks go to Rel, who submitted these two vulnerabilities through the IT-Security Security Alerts submission page. Remember that we have a new IT-Security Alert Mail service and that you can also receive those updates via RSS.