Source Code for Various Panic Apps Stolen via HandBrake Malware

Earlier this month, the HandBrake team posted a security alert after learning one of their mirror download servers was hacked. The attacker was successfully able to replace the Mac version of the app with a malicious version.

In a blog post shared today, Panic developer and co-founder Steven Frank said he downloaded the infected version of HandBrake on his machine, which led to the theft of the source code behind most of his company’s apps. Panic offers several apps, including web editor Coda, FTP app Transmit, SSH client Prompt, and Firewatch.

Hackers accessed Frank’s computer through the infected HandBrake software and were able to obtain his usernames and passwords for many sites, including Github.

Several source code repositories were cloned by the attackers, who have since demanded a “large bitcoin ransom” to stop the release of the code. Panic has stated that they do not intend to pay this ransom.

While Panic’s source code has been stolen, the company says that a careful review of its logs indicates that the theft of the code was the extent of the damage. No customer information or Panic sync data was accessed by attackers.

If the source code was released into the wild, hackers could potentially create and distribute malware-infected builds of the apps. The company has stated that users should only download Panic apps from the company’s website or the Mac App Store.