Apple app maker Panic’s CEO Steven Frank said he mistakenly downloaded the malware-laced DVD-ripping app HandBrake resulting in some of the company’s source code being stolen.
Frank said in a blog post that the HandBrake app on his computer has been alerting him to download an update and when he did it was during the period the app was unknowingly carrying malware. This led to his personal information being pwned and his computer completely compromised.
“By the time news broke of the HandBrake infection, git credentials had already been stolen from my Mac and used to clone several of our source code repositories, according to our logs,” Frank said.
The good news, Frank said, is not customer information was obtained by the hacker, Panic Sync data was not accessed and the company’s web server was not compromised.
Frank laid out a few scenarios of what could happen with the stolen code.
- It could be used to build free, cracked versions of Panic apps, something he said is already available.
- Create malware-infected builds of our apps, a case he believes is likely.
- A competitor obtains this source to attempt to use it to their advantage in some way.