A type of malware that targets Mac users has been unknowingly distributed by the maker of popular MacOS and Windows apps, according to cybersecurity vendor ESET.
Overnight, ESET said its researchers discovered a version of Eltima’s Player software, available through Eltima’s official website, that was “trojanized” with the OSX/Proton malware. It is not yet known who hijacked Eltima’s software with the malware.
ESET informed Eltima of the issue with its Elmedia Player immediately, and within hours Eltima confirmed it had removed the version of its media player bundled with the malware and resumed serving a legitimate application again.
“As far as we know, only the version downloaded from the Eltima website contains the trojanized application. The built-in automatic update mechanism seems unaffected,” said ESET.
Silicon contacted Eltima in Europe but was told the company had no personnel to deal with press. ESET said Eltima was very responsive and “maintained an excellent communication with [ESET] throughout the incident”.
The OSX/Proton malware is a backdoor with data-stealing capabilities that was discovered earlier in 2017. It can steal operating system details and browser information from a plethora of web browsers, and can infiltrate cryptocurrency wallets including Electrum and Bitcoin Core.
If you’re an Elmedia user and are worried that your machine may have been compromised, ESET sets out the steps to take in its We Live Security blog post. Silicon has contacted ESET for more information.
“If you have downloaded that software on October 19th before 3:15pm EDT and run it, you are likely compromised,” said ESET. “As with any compromission with an administrator account, a full OS reinstall is the only sure way to get rid of the malware. Victims should also assume at least all the secrets outlined in the previous section are compromised and take appropriate measures to invalidate them.”