EvilQuest ransomware is launching attacks against macOS users through infected installers.
A new ransomware is targeting macOS users who download installers for popular apps via torrent files.
Known as EvilQuest, the attack was first spotted by Dinesh Devadoss, a K7 Lab malware researcher. Findings show that EvilQuest has been quite active since the start of June 2020. Malware lab firms, like Malwarebytes, have found the ransomware attached to pirated macOS software distributed mainly through torrent sites and warez forums.
Same BTC address used
EvilQuest asks victims to pay a ransom through the same static Bitcoin (BTC) address in every documented attack. One of the first signs that EvilQuest has deployed an attack is that MacOS Finder freezes. Once file encryption is complete, a text file is generated with ransom instructions.
Speaking with Cointelegraph, Brett Callow, threat analyst and ransomware expert at malware lab, Emsisoft, believes that EvilQuest is unlikely to be anything other than a very small-scale threat:
“The fact that Macs have a relatively small market share means they’re not a particularly attractive target for ransomware groups and they’re unlikely to invest significant resources in targeting Mac users.”
Not a significant threat
Findings also show that the average ransom demanded by the attackers is $50 worth in BTC. Victims are usually given a deadline of 72 hours to pay.
Callow adds:
“That said, a threat is a threat and it’s something Mac-users should be aware of. Thankfully, as this ransomware appears to be targeted exclusively via pirated software, it’s very easily avoided simply by not using pirated software. That holds true whether you’re a Mac user or a Windows user: pirated software and cracks are the primary distribution method for the types of ransomware that target home users.”
Recently, Cointelegraph reported on the rise in ransomware that targets home users rather than companies.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.