The developers of an open-source transcoder app warned users some installers for the Mac version of HandBrake may have malware after they discovered a compromised mirror download server.
On May 6, HandBrake said users who downloaded the software between May 2 and May 6 have a “50/50 chance” they also got a Proton Trojan that could allow remote access to their computers, We Live Security reported.
“If you see a process called ‘Activity_agent in the OS X Activity Monitor application, you are infected,” the alert said.
Mac Rumors said users with versions 0.10.5 and earlier should check their systems, but versions 1.0 and later aren’t affected.
Apple pushed out a signature feature to prevent new infections and HandBrake suggests users change all passwords stored in the operating system keychain and browsers, according to Threatpost.