The Apple's Mac computers were hit with a rare ransomware attack over the weekend. The culprit: the popular Transmission filesharing software which makes it possible for users to download copyrighted movies, academic articles, software and other media content for free.
The cybersecurity company Palo Alto Networks revealed Sunday that a fully functional strain of ransomware known as “KeRanger” has infected an unknown number of Mac owners who were running the Transmission BitTorrent client installer (version 2.90) on OS X. It’s a malicious software attack that, once it’s downloaded, encrypts the data on a victim’s machine and forces them to pay a single bitcoin (roughly $400) within three days or lose their information forever.
“The fact that the compromise was discovered and mitigated in under a day means that the end users of Transmission are at fairly low risk; victims would have had to have downloaded the malicious disk image (DMG) installer and executed it in a relatively short window,” said Tod Beardsley, security research manager at the cybersecurity company Rapid7.
That said, for filesharers, it's probably time to look for an alternative. Here are some options:
The best alternative: Deluge
The most appealing Transmission alternative is also the oldest. Deluge, available for Mac or Windows users, was initially released in 2005 and has been consistently updated in the decade since. It has a reputation as the most nimble torrent client, with speedy downloads made possible by the lack of additional unnecessary software included on popular programs like uTorrent and Vuze.
Deluge is also open-source software, meaning anyone can access the source code and customize their experience. Users have developed a range of plug-ins for Deluge, including options to automatically download torrents from specific uploaders, to organize torrents and employ other features.
The worst alternative: uTorrent
You’d think that the more than 150 million people who use uTorrent every month can’t possibly be wrong. Actually, they are.
Once, using uTorrent was the one thing the normally contentious piracy community could agree on. That was years ago, before the software, released by BitTorrent Inc., began hijacking user’s computers to mine for cryptocurrency without their knowledge. Not only did that mining poison user trust, it sucked computer’s processing power and slowed other machine functions, including legitimate download progress.
Since then, uTorrent has been busted serving a malware-infused pop-up advertisement that, while promising to update Internet Explorer, secretly made it possible for hackers to steal user information. Researchers also found a security vulnerability in uTorrent and Vuze (another client to avoid) last year that enabled attackers to redirect uTorrent traffic toward a single website, taking the targeted site offline. That’s known as a distributed denial-of-service attack, and it’s the same type of harassment used by Anonymous hackers and the Chinese government.
The best uTorrent-if-you-don’t-want-uTorrent alternative: qBitTorrent
qBitTorrent, which rose to prominence amid questions about uTorrent’s trustworthiness, is as simple as uTorrent, without any of the hassle. There are no ads in qBitTorrent, and it’s all open source, so anyone with the right knowledge can see exactly what they’re downloading and make any necessary adjustments. qBitTorrent is regularly praised on Reddit and other active torrent communities, where users celebrate the “download in sequential order” button and other similar perks.
The no-alternative-necessary alternative: Transmission
For many users, deleting a trusted torrent app is the equivalent to dumping a real-life partner in crime. That program provided countless hours of entertainment, maybe making it possible to watch Hollywood movies before they’re out of theaters, or save hundreds of dollars by stealing college textbooks. So it’s understandable if longtime Transmission users aren’t willing to bail after reports of ransomware.
But tread carefully.
The Palo Alto report that first disclosed the ransomware attack also noted that Transmission’s website had been compromised. Anyone who downloaded Transmission between March 4 at 11:00 a.m. PST and 7:00 PST on March 5 is at risk of infection, though the developers have since released a new version, version 2.91, they claim is safe.