← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
OSX/Proton spreading again through supply-chain attack
During the last hours, ESET researchers noticed that Eltima, the makers of the Elmedia Player software, have been distributing a version of their application trojanized with the OSX/Proton malware on their official website. ESET contacted Eltima as soon as the situation was confirmed. Eltima was very responsive and maintained an excellent communication with us throughout the incident.
Indicators of Compromise (14)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | eltima.in | — | 2017-10-20 | |
| domain | handbrake.cc | — | 2017-10-20 | |
| domain | handbrakestore.com | — | 2017-10-20 | |
| FileHash-SHA1 | 0400b35d703d872adc64aa7ef914a260903998ca | — | 2017-10-20 | |
| FileHash-SHA1 | 10a09c09fd5dd76202e308718a357abc7de291b5 | — | 2017-10-20 | |
| FileHash-SHA1 | 30d77908ac9d37c4c14d32ea3e0b8df4c7e75464 | — | 2017-10-20 | |
| FileHash-SHA1 | 3ef34e2581937babd2b7ce63ab1d92cd9440181a | — | 2017-10-20 | |
| FileHash-SHA1 | 795b8bcadcaaf56dac7cfddf44f97a32aaaa4987 | — | 2017-10-20 | |
| FileHash-SHA1 | 8cfa551d15320f0157ece3bdf30b1c62765a93a5 | — | 2017-10-20 | |
| FileHash-SHA1 | 9e5378165bb20e9a7f74a7fcc73b528f7b231a75 | — | 2017-10-20 | |
| FileHash-SHA1 | c9472d791c076a10dce5ff0d3ab6e7706524b741 | — | 2017-10-20 | |
| FileHash-SHA1 | ef5a11a1bb5b2423554309688aa7947f4afa5388 | — | 2017-10-20 | |
| FileHash-SHA1 | e9dcdae1406ab1132dc9d507fd63503e5c4d41d9 | — | 2017-10-20 | |
| YARA | f1404b78a544772eb1205f596593fc1da342801f | https://www.hackread.com/hackers-selling-undetectable-proton-mac-malware/ | 2017-10-20 |