Author

Topic: New ransomware variant targeting Mac OS users (Read 128 times)

hero member
Activity: 1064
Merit: 639
This ransomware targets these file formats.
Quote
.pdf, .doc, .jpg, .txt, .pages, .pem, .cer, .crt, .php, .py, .h, .m, .hpp, .cpp, .cs, .pl, .p, .p3, .html, .webarchive, .zip, .xsl, .xslx, .docx, .ppt, .pptx, .keynote, .js, .sqlite3, .wallet, .dat
Source:bleepingcomputer.com


We can see that .wallet has also been targeted, it clearly means that crypto users are also targeted with this ransomware. However, before installing any software, it is better to scan on virustotal

hero member
Activity: 2268
Merit: 588
You own the pen
There are only few people who uses Mac OS here but still, this information would really help a lot. Mac users should avoid installing any suspicious apps from unknown sources because nowadays, programs like this are known to be used by hackers to steal data from PC users. I always watch some videos on Youtube on how these things used by hackers to fool people for paying them for their so-called PC technical support.

You can watch them here: https://www.youtube.com/c/JimBrowning/videos

This man is known to fool those filthy scammers, you will enjoy watching him fooling them.

hero member
Activity: 1344
Merit: 540
I'm a Mac user myself, so I would like to spread these "bad" news as there are a ransomware, known as EvilQuest who are targeting Mac users. What's more interesting is that it is not just a a ransomware, but it just camouflages itself to be a data wiper as well. And it also touted as a data stealer, it will search for /Users folder scans the files and sends it to a remote URL. Cyber criminals is asking $50 ransom in bitcoins.

It is reported to be spreading through torrents when you download pirated apps, you can also see this, For Crypto Users: Reasons why we should not download pirated softwares.


Sample Ransom Note

Bitcoin address:
Code:
13roGMpWd7Pb3ZoJyceBeoQpfegQvGHHK7

If you suspect that your machine is infected, you can go here: https://objective-see.com/products/ransomwhere.html.

If you have Malwarebytes installed into your Mac OS, then you are lucky because it has the capability of detecting and will remove it.

https://www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/
Jump to: