Bitcoin Forum
May 27, 2024, 05:04:59 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Beginners & Help > New ransomware variant targeting Mac OS users
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: New ransomware variant targeting Mac OS users  (Read 107 times)
cryptomaniac_xxx (OP)
Hero Member
*****
Offline Offline

Activity: 1512
Merit: 567


View Profile
July 01, 2020, 11:04:10 AM
Last edit: July 01, 2020, 11:29:53 PM by cryptomaniac_xxx
 #1
I'm a Mac user myself, so I would like to spread these "bad" news as there are a ransomware, known as EvilQuest who are targeting Mac users. What's more interesting is that it is not just a a ransomware, but it just camouflages itself to be a data wiper as well. And it also touted as a data stealer, it will search for /Users folder scans the files and sends it to a remote URL. Cyber criminals is asking $50 ransom in bitcoins.

It is reported to be spreading through torrents when you download pirated apps, you can also see this, For Crypto Users: Reasons why we should not download pirated softwares.


Sample Ransom Note

Bitcoin address:
Code:
13roGMpWd7Pb3ZoJyceBeoQpfegQvGHHK7

If you suspect that your machine is infected, you can go here: https://objective-see.com/products/ransomwhere.html.

If you have Malwarebytes installed into your Mac OS, then you are lucky because it has the capability of detecting and will remove it.

https://www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/
yazher
Hero Member
*****
Offline Offline

Activity: 2198
Merit: 586


You own the pen


View Profile
July 01, 2020, 12:37:06 PM
 #2
There are only few people who uses Mac OS here but still, this information would really help a lot. Mac users should avoid installing any suspicious apps from unknown sources because nowadays, programs like this are known to be used by hackers to steal data from PC users. I always watch some videos on Youtube on how these things used by hackers to fool people for paying them for their so-called PC technical support.

You can watch them here: https://www.youtube.com/c/JimBrowning/videos

This man is known to fool those filthy scammers, you will enjoy watching him fooling them.

.freebitcoin.       ▄▄▄█▀▀██▄▄▄
   ▄▄██████▄▄█  █▀▀█▄▄
  ███  █▀▀███████▄▄██▀
   ▀▀▀██▄▄█  ████▀▀  ▄██
▄███▄▄  ▀▀▀▀▀▀▀  ▄▄██████
██▀▀█████▄     ▄██▀█ ▀▀██
██▄▄███▀▀██   ███▀ ▄▄  ▀█
███████▄▄███ ███▄▄ ▀▀▄  █
██▀▀████████ █████  █▀▄██
 █▄▄████████ █████   ███
  ▀████  ███ ████▄▄███▀
     ▀▀████   ████▀▀		BITCOIN
DICE		EVENT
BETTING		WIN A LAMBO !

.
            ▄▄▄▄▄▄▄▄▄▄███████████▄▄▄▄▄
▄▄▄▄▄██████████████████████████████████▄▄▄▄
▀██████████████████████████████████████████████▄▄▄
▄▄████▄█████▄████████████████████████████▄█████▄████▄▄
▀████████▀▀▀████████████████████████████████▀▀▀██████████▄
  ▀▀▀████▄▄▄███████████████████████████████▄▄▄██████████
       ▀█████▀  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  ▀█████▀▀▀▀▀▀▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀		.PLAY NOW.
CryptoYar
Hero Member
*****
Offline Offline

Activity: 1064
Merit: 638



View Profile
July 01, 2020, 01:42:40 PM
 #3
This ransomware targets these file formats.
Quote
.pdf, .doc, .jpg, .txt, .pages, .pem, .cer, .crt, .php, .py, .h, .m, .hpp, .cpp, .cs, .pl, .p, .p3, .html, .webarchive, .zip, .xsl, .xslx, .docx, .ppt, .pptx, .keynote, .js, .sqlite3, .wallet, .dat
Source:bleepingcomputer.com

We can see that .wallet has also been targeted, it clearly means that crypto users are also targeted with this ransomware. However, before installing any software, it is better to scan on virustotal
Pages: [1]
  Print  
Bitcoin Forum > Other > Beginners & Help > New ransomware variant targeting Mac OS users
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!