Thursday, January 21, 2021

Tech experts warn of new Mac ransomware spreading via internet piracy & taking files hostage

Security experts have warned of new Mac ransomware being spread via pirated software from torrent sites. The virus is so new that there is currently no known way to recover lost files.

Once installed, the malware begins to spread itself “liberally” around the hard drive, though much of its behavior is still not well understood.

For example, it was found that the malware – dubbed ‘ThiefQuest’ – modified executable GoogleSoftwareUpdate files, commonly found on machines with Google Chrome installed.

However, according to anti-malware company Malwarebytes, Google automatically resets these files upon launch, so the change would seem to be pointless and “it’s unclear what the purpose here is.”





As with all ransomware, ThiefQuest eventually begins encrypting as many files as it can, locking users out of their digital property until a ransom is paid for their return. These files are often confidential in nature as they are more valuable to the user. 

The author of the article detailing the malware, Thomas Reed, goes on to say that while many affected users have reported that they were asked to pay a ransom to retrieve the encrypted files, he “was unable to duplicate any of these [demands], despite waiting quite a while for the ransomware to finish.”

However, as this ransomware is so new, it is not yet clear whether files can ever be decrypted once they have been encrypted.

The anti-malware company advises that to protect against ransomware attacks, the public should always have a host of backup copies of their data stored on a separate hard drive. Doing so strips any power bad actors attempt to exercise when they use ransomware for blackmail, as you always have a copy of your data safely stored elsewhere. 

The malware was first discovered after being uploaded to a Russian torrent site tucked within a legitimate-looking copy of the macOS firewall, Little Snitch.





Originally dubbed EvilQuest, the malicious software has been renamed “due to a legitimate game of the same name from 2012.” Its new name is OSX.ThiefQuest.

The malware has since been found in other applications, such as Mixed In Key 8, a type of DJing software. Reed also notes that “there are undoubtedly other installers floating around as well that have not been seen.” 
