Many of you are surely familiar with the recent infection of the Transmission app by KeRanger ransomware, but it turns out it might not be the only one infected. Yesterday I downloaded BitTorrent, and when I fired it up nothing happened, which was a bit worrying. I tried scanning the app with G Data, and the scanning process kept freezing on an executable file called Vermetus, within the contents of the app. It all made me suspicious, but nothing really happened outside of that - none of my files got encrypted or deleted. Still, just in case it's a backdoor trojan or something since I'm paranoid I wiped my disc clean and reinstalled the system. The weirdest thing is I cannot find ANY information online on that thing. I can see people googled it as well from google suggestions, but I only get links to general articles on Mac malware or the Transmission debacle, none of which mention Vermetus. It kept me up at night actually, and I just had to get up and post about it on a forum somewhere (hence it's 5 am here lol). And just now as I'm typing this my G Data got an update. I tried mounting the disc image to get some screenshot of the app info, but now G Data recognized it as malware and ejected the image:
By the way, Vermetus is a species of sea snail who's shell is reminiscent of a worm, in fact the snail is commonly called worm snail. So initially when looking at that name I thought it's just a clever name for a shell, until I got to that worm part... either way the maker of this program must be a giant nerd.
So anyway, I'm interested in knowing what's up with that thing and just how malicious it really is, but I don't know anything about checking things like this, so I'm looking for someone who knows stuff to look into it.
By the way, Vermetus is a species of sea snail who's shell is reminiscent of a worm, in fact the snail is commonly called worm snail. So initially when looking at that name I thought it's just a clever name for a shell, until I got to that worm part... either way the maker of this program must be a giant nerd.
So anyway, I'm interested in knowing what's up with that thing and just how malicious it really is, but I don't know anything about checking things like this, so I'm looking for someone who knows stuff to look into it.
Last edited: