Transmission BitTorrent app once again infected with malware

Gatekeeper (Image credit: iMore)

Transmission, the popular Mac BitTorrent client that everyone only ever uses to download totally legit open source files, has once again been hijacked to serve malware. Perplexingly, it sounds like it was hijacked in the same way as last time.

ESET research reports:

Last month ESET researchers wrote an article about a new OS X malware called OSX/Keydnap, built to steal the content of OS X's keychain and maintain a permanent backdoor. At that time of the analysis, it was unclear how victims were exposed to OSX/Keydnap. To quote the original article: "It could be through attachments in spam messages, downloads from untrusted websites or something else."During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be "something else". It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.

I've never liked BitTorrent because it always felt like I was shoving a naked connection out onto the Internet. (I'm ridiculous that way.) This kind of thing only adds layers of tin to my foil hat. That's especially true because the way in which Transmission is being hijacked negates the defenses Apple builds into macOS (née OS X), including Gatekeeper.

Christina Warren, writing for Gizmodo (yup!):

It's not clear what is happening with Transmission, but at this point, I don't feel super comfortable recommending users use the software, at least, on the Mac. It's not acceptable for a major application—open source or not—to get hijacked this way twice in under six months.

If you think you might have downloaded Transmission while it was infected, Christina also tells you how you can check to make sure, and what you can do to disinfect if you have to.

Rene Ritchie

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.