Groundphlegm

New Mac ransomware is even more sinister than it appears

(Researchers originally dubbed it EvilQuest until they discovered the Steam game series of the same name.)

I’d be interested to know how that has affected their sales!

In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in. The spyware component also lurks persistently as a backdoor on infected devices, meaning it sticks around even after a computer reboots, and could be used as a launchpad for additional, or "second stage," attacks. Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy.

That hurts. Be safe, people!

Though ThiefQuest is packed with menacing features, it's unlikely to infect your Mac anytime soon unless you download pirated, unvetted software.

Well, torrenting does have a reputation for being filled with malware; looks like it’s not going to change any time soon.

For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it.

You know, I despise how much macOS and iOS in recent years have started plastering the user with warning and password dialogs. It’s perfectly normal to have to re-enter your Apple ID password after opening iTunes Music or iBooks after a while. And this is the reason why that’s bad. People get used to ignoring warnings and start blindly inputting their passwords when prompted.
