Although ransomware specifically intended for Mac users is very rare, Mac device users are advised to start cautiously. Because Mac Ransomware that is distributed through software dubbed “EvilQuest,” is actively targeting macOS users.
This ransomware, as reported by Apple Insider, encrypts user files and demands a ransom to unlock.
This ransomware appears periodically from time to time. Also to maliciously encrypting user files and charging money to open them, EvilQuest also installs a keylogger and reverse shell on the system, along with code that steals cryptocurrency wallet files.
Recently, how many security researchers published the newly discovered “OSX.EvilQuest” ransomware analysis and report. First discovered by independent malware researcher Dinesh Devadoss, EvilQuest is said to have been circulating since early June 2020.
According to Jamf Patrick Wardle, a former NSA hacker and MacOS security researcher, the ability could allow an attacker to “have complete control over infected hosts”.
Like previous Mac ransomware pieces, it seems that EvilQuest is distributed through pirated software. Researchers have found it bundled in a package called Google Software Update, while others see it hidden in pirated versions of the DJ Mixed In Key application and the Little Snitch security tool.
And it seems that EvilQuest is only distributed via torrent websites and pirated software. So, if you continue to use the Mac App Store or third-party developers that you trust, you will be able to avoid it.