Specialists from ESET have found that the Elmedia Player download has been bundled with Proton malware and has already infected a few Macs. Although Apple has consistently asserted that its devices are the most secure available, the Elmedia Player malware proves otherwise.

The Proton malware was quietly added to Apple’s XProtect definitions toward the beginning of March, and very little attention was given to it at the time. Then, last May, one of the servers for the well-known HandBrake software was allegedly hacked, resulting in the distribution of a Proton-infected copy of HandBrake over a four-day period.

The newly infected program, Elmedia Player, is a versatile media player for macOS that can play almost any file format, such as FLV, MP4, AVI, MOV, DAT, MKV, MP3, FLAC, M4V and many others. Elmedia Player is very popular because it gives users impressively smooth HD playback with no interruptions or slowdowns. It can also fix audio that is out of sync with the original video file.

Users who downloaded Elmedia Player before October 19, 2017 are very likely to have been infected with the Proton malware. They should fix their devices as soon as possible, since this malware is designed to steal the user’s data.

Attacks on sensitive data cause a variety of problems, including unauthorized access to the user’s assets and login data, and even access to media that could be used against the owner. In this case, the Proton malware in Elmedia Player is discreet enough that it does not trigger any of Apple’s security measures.

The malicious code executes when the installer package is opened. A dialog box then appears asking the user to enter a username and password. Entering them starts the download of the components the malware needs for the attack to begin.

The image below compares the legitimate Elmedia Player with the malicious one.

Malicious Elmedia Player

Eltima, the company that develops Elmedia Player, reported that it has effectively resolved the problem of infected installer downloads. Eltima also stated that the malware cannot affect the player’s ability to update, so the issue can easily be solved by simply updating.

All operating systems, even macOS, which claims to be the most secure, are prone to cyber-attacks and intrusions. Malware with different capabilities emerges from time to time. There are unavoidable cases where users download legitimate applications from legitimate sources that have malicious scripts embedded in them. The most effective defense against these attacks is to be thoroughly familiar with normal OS behavior: how apps are installed, when apps ask for credentials, and what their dialog boxes, logos, interfaces and other common features look like. If anything seems even slightly unfamiliar, verifying the app online could mitigate a probable attack. Ultimately, vulnerabilities can be solved outright through updates because of the developers’ continuous support. Be sure to rely on known and popular developers.



Manny Cuevas

My name is Manny Cuevas, a Security Researcher / Engineer for about 15 years who focuses on Web and Mobile applications and other platforms, from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top-ranked hacker in the world who bypasses all security systems.

