researchcenter.paloaltonetworks.com/.../
Developer certificate revoked for this one, and now supposedly cataloged in XProtect (however, my latest 10.8 XProtect is still showing 2/10 for last update--maybe doesn't affect 10.8?), but no reason to think it will stop with Transmission or other torrent clients. Will most likely move on to other kinds of downloads,/programs, not just torrent clients. $99 for Apple code signing certificate from Apple is cheap. The cost of doing business-- a trifle compared to the haul they can make in a few days before the certificate is revoked. As soon as one is revoked, they will just get another.
At the moment, can't gain persistence, but expect that won't last long. And probably won't take long before anyone can buy this as a kit.
Will Sophos stay on top of this, now and through the inevitable variations, and protect?
This thread was automatically locked due to age.