Cyber Incident Victim: Transmission

Date: Aug 2016

Location: United States of America

Summary

Hackers compromised the Transmission BitTorrent client's website, replacing the official Mac download with a malware-infected version containing the Keydnap backdoor designed to steal user credentials. The malicious file was available for under a day before detection and removal, prompting the developers to migrate their infrastructure to GitHub. This incident followed an earlier breach where ransomware was distributed through the same platform.

Description

On or about August 28, 2016, unauthorized individuals gained access to the servers hosting the Transmission BitTorrent client's official website. The attackers replaced the legitimate Mac OS X version of Transmission 2.92 with a maliciously modified file containing the OSX/Keydnap malware. This trojanised software functioned as a backdoor designed to compromise user systems and steal credentials. The compromised download remained on Transmission's official distribution channel for an estimated period of several hours to less than twenty-four hours before detection. Transmission developers discovered the breach within hours of the file's upload and promptly removed the infected version from their servers. The incident did not affect users relying on automatic software updates, as the malicious file was distributed exclusively through manual downloads from the compromised website.

The Transmission team publicly acknowledged the security breach on September 1, 2016, confirming immediate removal of the infected file and initiation of an investigation. As a direct response to the incident, developers migrated their website infrastructure and all binary distribution to GitHub's platform to enhance security. This marked the second security incident affecting Transmission downloads in 2016, following a March event where attackers distributed OS X ransomware through similarly compromised installation files. The Keydnap malware incident's full impact remained undetermined, with no specific data disclosed regarding the number of affected users. Transmission committed to publishing additional findings from their ongoing investigation at an unspecified future date while maintaining operational continuity through the platform migration.
