Don Kotlos Posted May 9, 2017 Share Posted May 9, 2017 https://arstechnica.com/security/2017/05/mac-users-installing-popular-dvd-ripper-get-nasty-backdoor-instead/ "Anyone who has installed version 1.0.7 should check the SHA1 checksum of the installation file. Readers can check this sum by opening the Mac terminal, typing "shasum /path/to/HandBrake-1.0.7.dmg" where "path/to" is the folder location where the installation file is found. (People can also type "shasum" in the Terminal and then drag the installation file into the Terminal window.) If the sum that's returned is "0935a43ca90c6c419a49e4f8f1d75e68cd70b274," the file is malicious. Anyone who installed the malware should take action as soon as possible. To disinfect a Mac, remove the Launch Agent plist file fr.handbrake.activity_agent.plist, and the activity_agent.app file located in ~/Library/RenderFiles/. Then reboot the machine. Once the Mac is disinfected, users should change all passwords." Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now