Apple users are in big trouble, EnsQuest Ransomware launches attacks on MacOS through infected installers.
A new ransomware is attacking macOS users who download installers through torrent files.
Named EvilQuest, its data invasion was first spotted by Dinesh Devadoss, a K7 Lab malware analyst. Discoveries show that EvilQuest has been very dynamic since the beginning of June 2020. Malware lab firms, as Malwarebytes, have discovered the ransomware appended to pilfered macOS programming disseminated basically through deluge destinations and warez discussions.
BTC being used to pay for ransom
EvilQuest requires its victim to pay through a similar static Bitcoin (BTC) address in each infected document. One of the main signs that EvilQuest has conveyed an attack is that MacOS Finder freezes. When record encryption is finished, a text file is generated with instructions on how to pay ransom.
A conversation with Cointelegraph, Brett Callow, danger investigator, and ransomware master at malware lab, Emsisoft, accepts that EvilQuest is probably not going to be something besides a little scope danger:
“The fact that Macs have a relatively small market share means they’re not a particularly attractive target for ransomware groups and they’re unlikely to invest significant resources in targeting Mac users.”
The results also show that the average ransom demanded by the attacker costs $ 50 in BTC. Victims are usually given a 72 hour payment period.
“That said, a threat is a threat and it’s something Mac-users should be aware of. Thankfully, as this ransomware appears to be targeted exclusively via pirated software, it’s very easily avoided simply by not using pirated software. That holds true whether you’re a Mac user or a Windows user: pirated software and cracks are the primary distribution method for the types of ransomware that target home users.”