4/29/2021 S-Gear Mac Torrent
Additionally, the note doesn't list an email address that victims can use to correspond with the attackers about receiving a decryption key, another sign that the malware may not actually be intended as ransomware.

New Mac Ransomware Is Even More Sinister Than It Appears
Lily Hay Newman, Security, 07.01.2020 04:45 PM
The malware known as ThiefQuest or EvilQuest also has spyware capabilities that allow it to grab passwords and credit card numbers.
The threat of ransomware may seem ubiquitous, but there haven't been too many strains tailored specifically to infect Apple's Mac computers since the first full-fledged Mac ransomware surfaced only four years ago. So when Dinesh Devadoss, a malware researcher at the firm K7 Lab, published findings on Tuesday about a new example of Mac ransomware, that fact alone was significant. It turns out, though, that the malware, which researchers are now calling ThiefQuest, gets more interesting from there. (Researchers originally dubbed it EvilQuest, until they discovered the Steam game series of the same name.)

In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in. The spyware component also lurks persistently as a backdoor on infected devices, meaning it sticks around even after a computer reboots, and could be used as a launchpad for additional, or second stage, attacks. Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy.

"Looking at the code, if you split the ransomware logic from all the other backdoor logic the two pieces completely make sense as individual malware. But compiling them together you're kind of like what?" says Patrick Wardle, principal security researcher at the Mac management firm Jamf.
"My current gut feeling about all of this is that someone basically was designing a piece of Mac malware that would give them the ability to completely remotely control an infected system. And then they also added some ransomware capability as a way to make extra money."

Though ThiefQuest is packed with menacing features, it's unlikely to infect your Mac anytime soon unless you download pirated, unvetted software. Thomas Reed, director of Mac and mobile platforms at the security firm Malwarebytes, found that ThiefQuest is being distributed on torrent sites bundled with name-brand software, like the security application Little Snitch, DJ software Mixed In Key, and music production platform Ableton. K7's Devadoss notes that the malware itself is designed to look like a Google Software Update program. So far, though, the researchers say that it doesn't seem to have a significant number of downloads, and no one has paid a ransom to the Bitcoin address the attackers provide.

For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it. It's a good reminder to get your software from trustworthy sources, like developers whose code is signed by Apple to prove its legitimacy, or from Apple's App Store itself. But if you're someone who already torrents programs and is used to ignoring Apple's flags, ThiefQuest illustrates the risks of that approach.

The malware shows a ransom note that demands payment, but it only lists a static Bitcoin address where victims can send money. Given Bitcoin's anonymity features, attackers who intended to decrypt a victim's systems upon receiving payment would have no way to tell who had paid already and who hadn't.