Steven Frank compromised through infected version of HandBrake app.
Mildly misleading headlines aside, this isn’t about pointing fingers at people who should know better. In fact, it’s the opposite: if someone with this level of technological and computing know-how can become a victim of a malware attack, then anybody can. And how you recover from it says a lot about you and your company.
How it started
Backing up, this started with a compromised version of the video transcoding app HandBrake: an infected build was available from genuine sources. When Steven Frank, the founder of Mac and iOS software company Panic, accidentally downloaded the infected version and ran it, the end result was that a hacker sifted through his network and stole passwords, source code for a few Panic app titles, and more.
To add insult to injury, the hacker had the nerve to demand a ransom payment for the safe return of the source code, a demand that Steven Frank promptly ignored. After all, the hacker obviously knows what he’s got and knows that it’s valuable, or he wouldn’t have offered it up for a hefty Bitcoin price. Therefore, paying the ransom is no guarantee that the files will be returned, or returned without being copied first.
Steven Frank’s blog post about the unfortunate ordeal describes not only how the infection took hold, but also what the potential consequences for the company will be. The first two that he outlines – that someone sells “cracked” knock-offs of Panic’s apps, or that someone uses the source code to generate and sell malware-infected versions – are annoying, of course, but Panic is already working with Apple to help keep those possibilities as far from consumers as possible. The third possibility, that the hacker would sell the source code to Panic’s competitors, isn’t fun either, but the comeuppance for buying stolen property would come if the hacker inserted some malicious code into it before passing it along to a delighted competitor. That should be reason enough for anyone (read: anyone with common sense) to stay far away from this purchase.
It’s important to note that Panic has made some key discoveries in their own investigation of what happened, namely that no customer data was compromised (including credit card information since they used Stripe to process payments), all Panic Sync data was untouched, and the webserver wasn’t attacked.