Transmission - torrent client for mac

slowcure
Faith member

Posts: 137

Transmission - torrent client for mac Aug 31, 2016 16:55:54 GMT 1 steve likes this

Quote

Post by slowcure on Aug 31, 2016 16:55:54 GMT 1

Hello everybody,

I just read that Transmission has been infected with malware, for the second time in half a year. I understand it only concerns the version that was downloadable via the website (2.92) which was vulnerable only for a couple of days. The previously infected version was 2.90 (that happened in March).

Also because of these issues I haven't upgraded since version 2.84, which I still use. Actually I'm quite happy with Transmission, it's simple and works fine.

Do you have any thoughts on this, has anyone changed their client because of these security issues or do you still use Transmission and which version?

steve
Big Hand
random bootleg
*CRUMPET BOY*

Having trouble understanding Jane

Posts: 55,176

Transmission - torrent client for mac Aug 31, 2016 17:32:25 GMT 1 slowcure likes this

Quote

Post by steve on Aug 31, 2016 17:32:25 GMT 1

Thanks for the heads up.
More info, including removal tools I found here
gizmodo.com/mac-bittorrent-client-transmission-gets-infected-with-m-1785957214

The important information is

The malware-infected version of Transmission has a digital signature of Aug. 28, so ESET is advising anyone who downloaded Transmission 2.92 between Aug. 28-29 that their systems might be compromised.

If you think you might be affected, check for the existence of any of these files or directories:

/Applications/Transmission.app/Contents/Resources/License.rtf
/Volumes/Transmission/Transmission.app/Contents/Resources/License.rtf
$HOME/Library/Application Support/com.apple.iCloud.sync.daemon/icloudsyncd
$HOME/Library/Application Support/com.apple.iCloud.sync.daemon/process.id
$HOME/Library/LaunchAgents/com.apple.iCloud.sync.daemon.plist
/Library/Application Support/com.apple.iCloud.sync.daemon/
$HOME/Library/LaunchAgents/com.geticloud.icloud.photo.plist
If you see this stuff, ESET says it means that the malicious version of Transmission was executed and that “Keydnap is most likely running.”

So new downloads will not be affected, as Transmission removed the malware from their servers as soon as they discovered it.
If you did download it on the 2 days highlighted above, run the virus scans suggested by gizmodo to get rid of it.
There's also a script for advanced users to remove the dodgy files.
I always tend to wait a bit before upgrading Transmission because of the last infection (which I thankfully didn't have).
In any case, a good virus scanner is always worth having to hand as more cyber criminals try to get through Mac security.

Tear out the pages with all the bad news

slowcure Faith member Posts: 137	Transmission - torrent client for mac Aug 31, 2016 18:02:29 GMT 1 Quote Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by slowcure on Aug 31, 2016 18:02:29 GMT 1 Thanks Steve! Which virus scanner would you advise for Mac?

steve
Big Hand
random bootleg
*CRUMPET BOY*

Having trouble understanding Jane

Posts: 55,176

Transmission - torrent client for mac Aug 31, 2016 18:04:44 GMT 1 slowcure likes this

Quote

Post by steve on Aug 31, 2016 18:04:44 GMT 1

Aug 31, 2016 18:02:29 GMT 1 slowcure said:

Thanks Steve!

Which virus scanner would you advise for Mac?

I'd use either Sophos or Avast or ClamXav

edit: Sophos & ClamXav will detect both Mac & windows viruses, but ClamXav isn't free anymore.
Avast will only detect Mac viruses, so my top choice would be Sophos

Last Edit: Aug 31, 2016 18:27:34 GMT 1 by steve

Tear out the pages with all the bad news

slowcure Faith member Posts: 137	Transmission - torrent client for mac Aug 31, 2016 19:13:44 GMT 1 steve likes this Quote Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by slowcure on Aug 31, 2016 19:13:44 GMT 1 Many thanks Steve, this is really helpful!

steve
Big Hand
random bootleg
*CRUMPET BOY*

Having trouble understanding Jane

Posts: 55,176

Transmission - torrent client for mac Aug 31, 2016 19:31:01 GMT 1 slowcure likes this

Quote

Post by steve on Aug 31, 2016 19:31:01 GMT 1

Aug 31, 2016 19:13:44 GMT 1 slowcure said:

Many thanks Steve, this is really helpful!

No problem. & I would upgrade your transmission client if I were you.
Seems they get rid of the malware pretty quickly & downloads are now clean

Tear out the pages with all the bad news

Deleted Posts: 0	Transmission - torrent client for mac Aug 31, 2016 23:03:55 GMT 1 steve and slowcure like this Quote Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Deleted on Aug 31, 2016 23:03:55 GMT 1 I like Sophos ...

Announcements

Recent Threads

Transmission - torrent client for mac

Post by slowcure on Aug 31, 2016 16:55:54 GMT 1

Post by steve on Aug 31, 2016 17:32:25 GMT 1

Post by slowcure on Aug 31, 2016 18:02:29 GMT 1

Post by steve on Aug 31, 2016 18:04:44 GMT 1

Post by slowcure on Aug 31, 2016 19:13:44 GMT 1

Post by steve on Aug 31, 2016 19:31:01 GMT 1

Post by Deleted on Aug 31, 2016 23:03:55 GMT 1

TCC on Facebook

TCC On Twitter