Security researchers have discovered a precursor of the notorious Proton macOS malware. This supposed precursor appears to have been developed back in 2016, a year before Proton, and uploaded to VirusTotal, where it remained undetected for nearly two years until May 2018, when Kaspersky researchers stumbled upon it. Researchers who analyzed the malware used the term "raw" to describe its code and capabilities. It was clear from their analysis that the malware was still under development and did not have the same capabilities as the Proton remote access trojan. Proton became a household name in the infosec community in March 2017, when threat intelligence analysts from Sixgill found it being sold on an underground hacking forum for steep prices ranging from $1,200 to $820,000. Two months later, Proton was seen in the wild for the first time when someone hacked the website of the HandBrake app and poisoned the official app with the malware. Proton was used again in October 2017, when hackers breached the website of the Eltima Player and injected the malware into that app as well.