Skip to main content

Handbrake for Mac just had a brief but serious malware problem

Apple MacBook 13-inch Touch Pad
Bill Roberson/Digital Trends
The open source video transcoder program Handbrake, and more specifically its Mac version, had a serious security flaw last week. Although it has now been fixed, anyone who downloaded and installed the software between May 2 and May 6 should look to verify that their system is not infected with a nasty trojan.

Although Apple’s ’00s-era marketing suggested that its platform was essentially virus free, today that’s not really the case. Handbrake is the latest example of that, though it does seem like the developers quickly responded and have since cleared up the issue. They’ve also corresponded with Apple to see that OSX’s XProtect feature is aware of the malware and will keep its automated eyes open for it.

The trojan sneaked into the legitimate version of Handbrake through an infected download mirror server. From there it attached itself to Handbrake 1.0.7 and was downloaded by a number of users. According to the Handbrake team, around 50 percent of users who downloaded the software between May 2 and May 6 were routed to the infected server.

With that in mind, Apple is now urging all those who did download the software during that period to perform some checks to see if they have been affected. The first step is to look out for the process “Activity_agent.” If it’s found to be running, then your system is infected. Another way is to compare your download’s checksum hash with the one listed on the official forum post.

If it turns out you are infected with the trojan, there are a few steps to take to remove it. They involve running terminal commands, followed by the removal of any installs you have. You can find the full list of commands on the Handbrake forum linked above.

Unfortunately, though, you shouldn’t stop there. Once you have confirmed removal of the malware, then you need to change your passwords. One of the tasks that the trojan performs is password thievery, so any passwords you may have used since you installed Handbrake should be changed, as well as any that reside in your OSX KeyChain and any stored in the browser.

It might be a pain in the neck, but it’s an important step to mitigate any damage that the Proton-inspired malware might do.

Editors' Recommendations

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
This dangerous new Mac malware steals your credit card info
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

Read more
In the age of ChatGPT, Macs are under malware assault
A person using a laptop with a set of code seen on the display.

It's common knowledge -- Macs are less prone to malware than their Windows counterparts. That still holds true today, but the rise of ChatGPT and other AI tools is challenging the status quo, with even the FBI warning of its far-reaching implications for cybersecurity.

That may be why software developer Macpaw launched its own cybersecurity division -- dubbed Moonlock -- specifically to fight Mac malware. We spoke to Oleg Stukalenko, Lead Product Manager at Moonlock, to find out whether Mac malware is on the rise, and if ChatGPT could give hackers a massive advantage over everyday users.
State-sponsored attacks

Read more
Apple’s serious miscalculation with the 15-inch MacBook Air
Apple's 15-inch MacBook Air placed on a desk.

Did Apple overestimate demand for a larger MacBook Air? A recent report suggests Apple reduced orders from its supply chain, indicating sales of the largest budget MacBook fell short of expectations.

According to DigiTimes, which specializes in supply chain news, 15-inch MacBook Air sales seem to be off to a bad start. People with knowledge of the matter are reported to say that Apple cut the shipment volume by half in July 2022.

Read more