New Ransomware Dubbed EvilQuest Targets MacOS Users

Security researchers have discovered this week a new ransomware strain targeting macOS users. Named OSX.EvilQuest, this ransomware is different from previous macOS ransomware threats because besides encrypting the victim’s files, EvilQuest also installs a keylogger, a reverse shell, and steals cryptocurrency wallet-related files from infected hosts. “Armed with these capabilities, the attacker can main full control over an infected host,” said Patrick Wardle, Principal Security Researcher at Jamf. This means that even if victims paid, the attacker would still have access to their computer and continue to steal files and keyboard strokes.

 

Full story here: https://www.zdnet.com/article/new-evilquest-ransomware-discovered-targeting-macos-users/

Experts Comments

July 01, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
It was only a matter of time before ransomware targeting Mac OS X became available in the wild, and it's not a simple ransomware attack. Not only will the attack make your data unavailable, but it also contains other malware to steal credentials and other remote access functionality. For years, the Mac OS has provided a secure and private system for its end users. Cybercriminals are taking advantage of access to the system to enable the keyloggers to capture user credentials and passwords,.....Read More
It was only a matter of time before ransomware targeting Mac OS X became available in the wild, and it's not a simple ransomware attack. Not only will the attack make your data unavailable, but it also contains other malware to steal credentials and other remote access functionality. For years, the Mac OS has provided a secure and private system for its end users. Cybercriminals are taking advantage of access to the system to enable the keyloggers to capture user credentials and passwords, which may not be evident via other attack methods. If this ransomware or any other ransomware impacts users, it is critical to format the system after recovering the data to avoid additional infections. With the data recovered either from backup or paying the ransom, it may provide a false sense of relief that the encryption is gone. However, cybercriminals may leave additional files undetectable by anti-malware systems and could result in further unauthorized access or data theft. End users and organizations will want to ensure they are aware of the latest ransomware and social engineering attacks with a robust security awareness program to help identify and be aware of these attacks and reduce the risk of data and productivity loss.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts