Developers of the Transmission BitTorrent client have admitted that hackers replaced downloads of its file-sharing software with trojanised code.
The hack, detected within hours, was designed to spread a Mac OS X backdoor, Keydnap, which steals user credentials. It’s unclear how many people were affected. The dodgy file was not made available through an auto-update.
In an FAQ, Transmission’s developers explained that the poisoned file was removed from the server immediately upon its discovery, and less than 24 hours after its was first uploaded.
It appears that on or about August 28, 2016, unauthorised access was gained to our website server. The official Mac version of Transmission 2.92 was replaced with an unauthorised version that contained the OSX/Keydnap malware. The infected file was available for download somewhere between a few hours and less than a day.
The team behind Transmission has decided to migrate its website and all binary files from its current servers to GitHub. Tranmission’s developers are in the process of investigating the incident, with a promise to report back their findings at a future (unspecified) date.
It’s note the first time Transmission fans have been faced with doppelganger downloads. Back in March, OS X ransomware smuggled itself into Transmission downloads.