Don Kotlos Posted May 9, 2017 Share Posted May 9, 2017 https://arstechnica.com/security/2017/05/mac-users-installing-popular-dvd-ripper-get-nasty-backdoor-instead/ "Anyone who has installed version 1.0.7 should check the SHA1 checksum of the installation file. Readers can check this sum by opening the Mac terminal, typing "shasum /path/to/HandBrake-1.0.7.dmg" where "path/to" is the folder location where the installation file is found. (People can also type "shasum" in the Terminal and then drag the installation file into the Terminal window.) If the sum that's returned is "0935a43ca90c6c419a49e4f8f1d75e68cd70b274," the file is malicious. Anyone who installed the malware should take action as soon as possible. To disinfect a Mac, remove the Launch Agent plist file fr.handbrake.activity_agent.plist, and the activity_agent.app file located in ~/Library/RenderFiles/. Then reboot the machine. Once the Mac is disinfected, users should change all passwords." Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.