Skip to main content
  1. Home
  2. Computing
  3. News

Handbrake for Mac just had a brief but serious malware problem

Jon Martindale
By

Apple MacBook 13-inch Touch Pad
Bill Roberson/Digital Trends
The open source video transcoder program Handbrake, and more specifically its Mac version, had a serious security flaw last week. Although it has now been fixed, anyone who downloaded and installed the software between May 2 and May 6 should look to verify that their system is not infected with a nasty trojan.

Although Apple’s ’00s-era marketing suggested that its platform was essentially virus free, today that’s not really the case. Handbrake is the latest example of that, though it does seem like the developers quickly responded and have since cleared up the issue. They’ve also corresponded with Apple to see that OSX’s XProtect feature is aware of the malware and will keep its automated eyes open for it.

Recommended Videos

The trojan sneaked into the legitimate version of Handbrake through an infected download mirror server. From there it attached itself to Handbrake 1.0.7 and was downloaded by a number of users. According to the Handbrake team, around 50 percent of users who downloaded the software between May 2 and May 6 were routed to the infected server.

Related

With that in mind, Apple is now urging all those who did download the software during that period to perform some checks to see if they have been affected. The first step is to look out for the process “Activity_agent.” If it’s found to be running, then your system is infected. Another way is to compare your download’s checksum hash with the one listed on the official forum post.

If it turns out you are infected with the trojan, there are a few steps to take to remove it. They involve running terminal commands, followed by the removal of any HandBrake.app installs you have. You can find the full list of commands on the Handbrake forum linked above.

Unfortunately, though, you shouldn’t stop there. Once you have confirmed removal of the malware, then you need to change your passwords. One of the tasks that the trojan performs is password thievery, so any passwords you may have used since you installed Handbrake should be changed, as well as any that reside in your OSX KeyChain and any stored in the browser.

It might be a pain in the neck, but it’s an important step to mitigate any damage that the Proton-inspired malware might do.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Want a new iMac? It’s just been delayed to 2024, says analyst
Man using a 24-inch M1 iMac.

Just a few weeks ago, it seemed like Apple could launch a whole slate of new Macs in October. Now, the pool of expected Macs is getting smaller and smaller. That’s because a prominent analyst has put the final nail in the coffin of the idea that new iMacs are just around the corner.

According to industry expert Ming-Chi Kuo, the 24-inch iMac is due for an update in 2024. That might sound encouraging given they could only be a few months out, but it actually represents a delay compared to what we thought we knew previously.

Read more
Common macOS Sonoma problems and how to fix them
Apple's Craig Federighi presents new features in macOS Sonoma at the company's Worldwide Developers Conference (WWDC) in June 2023.

Apple’s latest operating system, macOS Sonoma, has launched, and it brings with it a bunch of great new features for your Mac. But upgrading your Apple computer could lead to problems, and while this won’t happen to everyone, it can be frustrating when issues arise.

Fortunately, there’s help at hand. We’ve put together a list of the most common macOS Sonoma problems and how to fix them. Just follow these tips and they could help you out of a tricky spot. We’ve added links to Apple’s official guidance throughout, so be sure to check them out for more assistance.
macOS Sonoma won’t download

Read more
This dangerous new Mac malware steals your credit card info
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

Read more