Security researchers find macOS-targeted ransomware in torrents

Spread the love

Researchers have discovered new ransomware that mainly targets macOS. The ransomware is called OSX.EvilQuest and comes in via software torrents. It’s not often that ransomware is discovered specifically for macOS.

The ransomware was discovered by researchers from MalwareBytes, among others. They found the ransomware after a tip. The ransomware spreads via torrents with macOS software.

There is no exhaustive list of torrents that contain the malware. Researchers say they discovered the first malware in torrents that contained a pirated version of security software Little Snitch, but one of the researchers at MalwareBytes say that it is also in the torrents with Google Software Updater for the Mac. The malware would also spread via torrents with music program Mixed In Key.

The ransomware spreads through a postinstall script that also installs the original program. He disguises himself as macOS’ CrashReporter, presumably to evade detection. According to the researchers, that doesn’t always work. The ransomware is not very good, according to the researchers; for example, it encrypts important system files or Keychain files. Also, it takes a long time for the ransomware to start encrypting files.

The ransomware asks for an amount of fifty dollars in bitcoin. Security researchers at Objective See also say that the ransomware also contains a keylogger and tries to steal crypto wallets from a system.

You might also like
Exit mobile version