When Your Media Player Watches You – Trojan Infects Software Downloads for Macs
Users downloading a media player to watch videos on their Macs ended up being watched by cybercriminals using Trojan malware to spy on victims’ operating systems.
Unfortunately, that’s the case for the popular Mac OSX media player, Elmedia Player. A trojanized version of the program has hit the scene as a result of the developer’s servers being hacked by cybercriminals.
The compromised package was created in order to deliver the latest version of the Proton backdoor on a broad scale. Proton is a Trojan that poses as legitimate programs or files, such as Elmedia Player, in order to trick and entice users into unknowingly running it. Upon being launched, the Proton backdoor provides attackers with an almost full view of the compromised system, allowing the theft of browser information, keylogs, usernames and passwords, cryprocurrency wallets, macOS keychain data and more.
Users have been warned that if they downloaded the software prior to the October 19th disclosure (after which Eltima Software removed the program from the site), they run the risk of having their system infected by the malware. And since Elmeida boasts over one million users, it’s crucial we all start looking towards next steps.
Users can start by seeing if any of the following files or directories are on their system, which would mean the trojanized version of Elmedia Player has been installed:
If a user is in fact infected, the next step would be to undergo a full OS re-installation. And for Elmedia Player users who are wishing to run the program safely once more, fear not. Users are now able to download a clean version of Elmedia Player from the Eltima website, which has said to be now free of compromise.
The post When Your Media Player Watches You – Trojan Infects Software Downloads for Macs appeared first on McAfee Blogs.
More antivirus and malware news?
- Digging Deeper Into ANDROIDOS_CONTACTS.E’s Data Stealing Routines
- DHS’s Einstein Security System Has Limited Capabilities: Audit
- Virus hits Qatari natural gas giant
- Time Warner Cable says 320,000 customers may have been breached
- BlackBerry readies a more secure version of the Samsung Galaxy S7
- JPMorgan hackers altered, deleted bank records, says report
- Researchers Sinkhole Deep-Rooted "EITest" Infection Chain
- The Dropping Elephant – aggressive cyber-espionage in the Asian region
- US demanded access to encryption keys of email provider Lavabit
- White House Apparently Not Necessarily In Agreement With FBI’s Position On Encryption Backdoors