New ransomware is aimed at MacOS users who download popular app installers through torrent files.
Known as EvilQuest that was the attack discovered For the first time by Dinesh Devadoss, a malware researcher at K7 Lab. The results show that EvilQuest has been quite active since early June 2020. Malware lab companies like Malwarebytes have found ransomware that is attached to hacked macOS software and is mainly distributed through torrent sites and warez forums.
The same BTC address used
EvilQuest asks the victims to pay a ransom via the same static Bitcoin address (BTC) for every documented attack. One of the first signs that EvilQuest has launched an attack is that the MacOS Finder freezes. Once file encryption is complete, a text file with rescue instructions is generated.
Brett Callow, a threat analyst and ransomware expert at the Emsisoft malware lab, told Cointelegraph that EvilQuest is likely to be no other than a very minor threat.
“The fact that Macs have a relatively small market share means that they are not a particularly attractive target for ransomware groups and are unlikely to invest significant resources for Mac users.”
No significant threat
The results also show that the average ransom demanded by attackers is $ 50 in BTC. Victims usually have 72 hours to pay.
However, a threat is a threat that Mac users should be aware of. Fortunately, it is very easy to avoid this ransomware simply by not using pirated software, since this ransomware appears to be attacked only by software pirated software. Right, whether you’re a Mac or Windows user, hacked software and cracks are the primary distribution method for ransomware types aimed at home users. “
Cointelegraph recently reported the rise of ransomware aimed at home users rather than companies.