Apple macOS users beware: a new ransomware called OSX.ThiefQuest is spreading in the wild.

Initially called “EvilQuest,” the ransomware wreaks havoc on victims’ computers by encrypting system and user files. Not only does this prevent the users from accessing their files (which apparently are deleted after three days unless users cave in to a $50 extortion), the encryption also causes macOS to crash constantly.

Related stories


As if that weren’t enough, OSX.ThiefQuest also installs a keylogger to track keyboard activity and a reverse shell that allows the attackers behind the malware to gain access to infected computers.

Fortunately, your chances of getting infected by OSX.ThiefQuest is low unless you’re into pirated copies of macOS apps. The malware was first found in pirated versions of apps such as Little Snitch, Mixed in Key 8, and Ableton Live. When these pirated apps are installed, a post-install script injects the malware into the computer.

Source: Malwarebytes

Leave a comment

Your email address will not be published. Required fields are marked *