New EvilQuest macOS ransomware is a smokescreen for other threats

2020-07-01 10:36

A new piece of ransomware dubbed EvilQuest is being delivered bundled up with pirated versions of popular macOS software, researchers warned.

The ransomware is also a smokescreen, as its "Noisiness" is meant to hide other things happening on the system in the background: the installation of a keylogger and a reverse shell, and the exfiltration of files that contain valuable information.

First spotted in late June, the EvilQuest macOS ransomware has now been analyzed by a slew of threat researchers.

Dinesh Devadoss , a malware researcher with K7 Lab, spotted the ransomware impersonating the Google Software Update program.

A variety of macOS antimalware solutions now detect this malware and remove it.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/dXWAzFSfy7Y/

#macos #ransomware #threat

News URL

Related news