![]() ![]() Proton was only bundled with new downloads of the software, so any users who updated Elmedia or Folx on October 19 should also be safe. Users who downloaded the software after 3:15 p.m. Users who downloaded the Elmedia Player or Folx before 3:15 p.m. Apple has now revoked the Developer ID, and Elmedia has said they have taken steps to prevent future attacks against their servers.Įltima says that all the infected downloads happened on the same day: October 19, 2017. As a result, even though the wrapper was bundling malicious software with Elima’s genuine programs, Apple’s systems didn’t flag it. This wrapper was signed with an authenticated Apple Developer ID. ZDNet net says that the hackers built a “wrapper” around the media player and downloader apps. This is the same Trojan which was used in the Handbrake server hack a few months ago. Among other things, the Trojan can steal a user’s Keychain data, browser information, usernames, passwords, and keylogs. Once installed on a Mac, Proton lets attackers spy on the system and steal sensitive information. Proton is a Remote Access Trojan that targets Mac machines. Both programs were compromised and used to distribute the Proton malware. Folx is a download manager that users can implement for torrent downloads. The hackers bundled Elmedia Player and Folx with a Mac OS X Trojan called Proton.Įlmedia Player is a popular media player app that Eltima says is capable of recognizing “any file format you probably may think of.” The app also allows for HD video playback with no slowdowns and automatically fixes issues with video and audio syncing. According to a report from ZDNet, hackers recently managed to breach the Eltima Software servers. If you recently downloaded Elmedia Player or Folx-two Mac OS X programs from German-based developer Eltima Software-then your Mac may be infected with malware. Recent Downloads from Eltima Software Were Infected with Malware ![]()
0 Comments
Leave a Reply. |