HandBrake video transcoder is a free tool which converts video from nearly any format to a selection of modern, widely supported codecs for Mac. It is very popular and has a user-friendly interface.
But the company’s reputation has taken a toll as several installation files of this app have been infiltrated by Trojans, according to the owners.
Yes, you heard it correctly! If you have downloaded HandBrake between May 2 to May 6, your Mac might be infected with a version of OSX.PROTON trojan malware.
HandBrake’s creators said: “Anyone who installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have a 50/50 chance if you’ve downloaded HandBrake during this period.”
OSX.Proton is a Trojan horse that opens a backdoor, steals important information, and downloads potentially malicious files onto the compromised computer. Moreover, it can send screenshots of your system to the hackers. It has potential to let the hacker take over the machine as well.
How to check: If You Are Infected
To know whether your Mac is infected, open the OS X Activity Monitor. Check for a process named “activity_agent” if you find it then, you’re infected.
Similarly, go to the Downloads folder, search for HandBrake.dmg file. If you get the below checksums, in case, your system is hacked:
Don’t get sad! Apple has now released a new signature to prevent this types of infections in future.
Steps to remove the Spyware:
Now, you know that your Mac is infected, you must be wondering how to remove it. Here, we have the solution to it:
- Open the ‘Terminal’ on your Mac. You can type Terminal in Spotlight and search for it.
- Enter the following commands:
- launchctl unload ~/Library/LaunchAgents/fr.handbrake.activity_agent.plist
- rm -rf ~/Library/RenderFiles/activity_agent.app
- if ~/Library/VideoFrameworks/ contains proton.zip, remove the folder
Once you have followed the steps, you need to delete all files HandBrake.app installs. We strongly recommend changing all the passwords along with the login credentials for your Mac. These steps will help you in getting rid of this infection on your Mac.
With all said and done, the cybercriminals have not spared any of the apps or medium to hack your privacy. Hence the only thing that could protect your personal data and privacy is by being extremely careful!