|
Title: New ransomware variant targeting Mac OS users Post by: cryptomaniac_xxx on July 01, 2020, 11:04:10 AM I'm a Mac user myself, so I would like to spread these "bad" news as there are a ransomware, known as EvilQuest who are targeting Mac users. What's more interesting is that it is not just a a ransomware, but it just camouflages itself to be a data wiper as well. And it also touted as a data stealer, it will search for /Users folder scans the files and sends it to a remote URL. Cyber criminals is asking $50 ransom in bitcoins.
It is reported to be spreading through torrents when you download pirated apps, you can also see this, For Crypto Users: Reasons why we should not download pirated softwares (https://bitcointalk.org/index.php?topic=5256363.0). https://i.imgur.com/4xoSxhw.png Sample Ransom Note Bitcoin address: Code: 13roGMpWd7Pb3ZoJyceBeoQpfegQvGHHK7 If you suspect that your machine is infected, you can go here: https://objective-see.com/products/ransomwhere.html. If you have Malwarebytes installed into your Mac OS, then you are lucky because it has the capability of detecting and will remove it. https://www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/ Title: Re: New ransomware variant targeting Mac OS users Post by: yazher on July 01, 2020, 12:37:06 PM There are only few people who uses Mac OS here but still, this information would really help a lot. Mac users should avoid installing any suspicious apps from unknown sources because nowadays, programs like this are known to be used by hackers to steal data from PC users. I always watch some videos on Youtube on how these things used by hackers to fool people for paying them for their so-called PC technical support.
You can watch them here: https://www.youtube.com/c/JimBrowning/videos This man is known to fool those filthy scammers, you will enjoy watching him fooling them. Title: Re: New ransomware variant targeting Mac OS users Post by: CryptoYar on July 01, 2020, 01:42:40 PM This ransomware targets these file formats.
Quote .pdf, .doc, .jpg, .txt, .pages, .pem, .cer, .crt, .php, .py, .h, .m, .hpp, .cpp, .cs, .pl, .p, .p3, .html, .webarchive, .zip, .xsl, .xslx, .docx, .ppt, .pptx, .keynote, .js, .sqlite3, .wallet, .dat Source:bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/)We can see that .wallet has also been targeted, it clearly means that crypto users are also targeted with this ransomware. However, before installing any software, it is better to scan on virustotal (https://www.virustotal.com) |
