Applied Cyber Security

It is incredibly easy to add a malicious components (malware) to DMG files,  uploading them to file sharing websites like, & infecting computers on a mass scale.  SHA checksum is added to DMG files like TransmissionBT1, & Handbrake.fr2 to detect file tampering.

How to check SHA checksums:

In terminal, find the file(s) you’d like to check. “cd” command is to change directories, “ls” is to list files in a folder.

Use the following syntax: shasum file.dmg

The default for the shasum command is to use SHA1, the most common hash type, but this can be changed with the -a flag if necessary to 224, 256, 384, or 512.

Finally you can check the hexadecimal string on the main downloading website:

Always remember to download the files from a reputable source.

1. Popular BitTorrent Client Transmission Gets Infected With Malware Again
2. HandBrake hacked to drop new variant of Proton malware

You've successfully subscribed to Isaac
Welcome back! You've successfully signed in.
Great! You've successfully signed up.
Success! Your account is fully activated, you now have access to all content.