The developers of Transmission can’t catch a break. Just months after their BitTorrent app was linked to the first known instance of Mac ransomware, security researchers at ESET have pinpointed another form of malware taking advantage of Transmission to infect Mac users. Keydnap, as it’s called, takes advantage of a modified version of Transmission (planted on the developer’s site without its knowledge) to attack your computer. It’s similar to the ransomware’s approach in more ways than just its choice of host app — it even uses a signing key to trick Apple’s Gatekeeper safeguard into letting it through.
The malware’s effect may be limited. Transmission only had the affected version available for about a day before they pulled it, and ESET has already told Apple about Keydnap about the relevant key. It’s just a matter of blocking that key to prevent the malware from running. Nonetheless, this is a reminder that even stringent system-level protections won’t always catch rogue code.
source: engadget.com by Jon Fingas