When Your Media Player Watches You – Trojan Infects Software Downloads for Macs
Users downloading a media player to watch videos on their Macs ended up being watched by cybercriminals using Trojan malware to spy on victims’ operating systems.
Unfortunately, that’s the case for the popular Mac OSX media player, Elmedia Player. A trojanized version of the program has hit the scene as a result of the developer’s servers being hacked by cybercriminals.
The compromised package was created in order to deliver the latest version of the Proton backdoor on a broad scale. Proton is a Trojan that poses as legitimate programs or files, such as Elmedia Player, in order to trick and entice users into unknowingly running it. Upon being launched, the Proton backdoor provides attackers with an almost full view of the compromised system, allowing the theft of browser information, keylogs, usernames and passwords, cryprocurrency wallets, macOS keychain data and more.
Users have been warned that if they downloaded the software prior to the October 19th disclosure (after which Eltima Software removed the program from the site), they run the risk of having their system infected by the malware. And since Elmeida boasts over one million users, it’s crucial we all start looking towards next steps.
Users can start by seeing if any of the following files or directories are on their system, which would mean the trojanized version of Elmedia Player has been installed:
If a user is in fact infected, the next step would be to undergo a full OS re-installation. And for Elmedia Player users who are wishing to run the program safely once more, fear not. Users are now able to download a clean version of Elmedia Player from the Eltima website, which has said to be now free of compromise.
The post When Your Media Player Watches You – Trojan Infects Software Downloads for Macs appeared first on McAfee Blogs.
More antivirus and malware news?
- An IoT botnet is partly behind Friday’s massive DDOS attack
- Resolved: IT Service Desk Listserv SPAM Quarantine Notices
- Esthost/Rove Digital Mastermind Pleads Guilty, Faces Six-Year Sentence
- Penn State Access Account authentication service upgrade July 25
- Apple paid undisclosed sum to release U2’s "Songs of Innocence" for free
- New e-mails reveal Feds not "forthright" about fake cell tower devices
- How big data is transforming information security
- Web attacks use smart redirection to evade URL security scanners
- Welcome to Zmap, the “one hour turnaround” internet scanner
- Mile-High Hacking: Should You Worry?