Prevent Ransomware By Automatically Finding The Checksum Of Downloaded Files

Prevent Ransomware By Automatically Finding The Checksum Of Downloaded Files

Apple has already shut down the ransomware found in the Transmission torrent client.  You can easily prevent this from happening to you in the future by adding a Hazel rule to your downloads folder, which will automatically determine the checksum, so you can compare it with the one the legitimate file has.

You can run these commands independently but it’s kind of a pain sometimes.  I love when computers do things for me automatically, so with a simple Hazel rule, I can now quickly check if my downloaded files are legitimate ones.  Whenever a file is downloaded, a dialog now pops up showing me three different checksums, which I can compare to the ones on the Website I am downloading the file from.

The name of the file is the title of the dialog.  I can then copy and paste the checksum to verify it matches before opening/installing the file.

Setup

This is a straightforward rule to set up.  First, create a new downloads rule called Verify checksums.

Then, create a ruleset that checks for files added today and then runs a shell script.

Paste in the script below and you are all set!

osascript <<EOT
display dialog "MD5:
$(openssl md5 $1 | awk '{print $2}')
SHA1:
$(openssl sha1 $1 | awk '{print $2}')
SHA256:
$(openssl dgst -sha256 $1 | awk '{print $2}')" with title "$(basename $1)" with icon Caution
EOT