Ransomware made to attack Mac is discovered for the first time in 4 years

The macOS operating system, from Apple, became the target of a new version of ransomware. The threat is a virtual hijack: it encrypts the most important files on the computer, prevents access to the data and threatens to erase it if a ransom is not paid.

The virus was called EvilQuest and is the only one found on the platform in the last 4 years. Developer Dinesh Devadoss was one of the first to detect the threat, disguised as a program that updates Google software. The scam does not raise suspicion in security applications.

Security company Malwarebytes has produced a report on EvilQuest with more information. Apparently, the most widespread version of it has been circulating since June 20 in the form of pirated programs on forums and torrent sites in Russia. Little Snitch, which does network scans, is the cloned software to house the ransomware — it does install and work, but it comes with a dangerous threat.


When infected, the machine starts to behave unpredictably, with the Finder showing errors and files being encrypted. This includes jpg, docx, html extensions and many others. In addition, the user may even have security compromised, as the attacker is able to perform remote actions and receive details of what was accessed and typed into the device from a keylogger.

A text file created in the break-in explains the situation to the victim and asks for a payment of $50 within 72 hours to grant access to the data. But paying for ransomware is not recommended in these cases.

That's it, Steam officially supports PS5 controllers

Some Mac antiviruses are already able to remove the threat, but the “hijacked” data cannot be recovered. Therefore, the tip is not to download files from suspicious sources and always keep the online and physical backup of your most important files.

Related Articles

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker. Thanks.