ThiefQuest Ransomware for the Mac

2020-07-06 11:43

There's a new ransomware for the Mac called ThiefQuest or EvilQuest.

It's a good reminder to get your software from trustworthy sources, like developers whose code is "Signed" by Apple to prove its legitimacy, or from Apple's App Store itself.

If you're someone who already torrents programs and is used to ignoring Apple's flags, ThiefQuest illustrates the risks of that approach.

In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in.

Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy.

News URL

https://www.schneier.com/blog/archives/2020/07/thiefquest_rans.html

#MAC #ransomware