EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities

Why it’s a bad idea to install software from dodgy sources:

[…] A rare new ransomware strain targeting macOS users has been discovered, called EvilQuest. Researchers say the ransomware is being distributed via various versions of pirated software.

EvilQuest, first discovered by security researcher Dinesh Devadoss, goes beyond the normal encryption capabilities for run-of-the-mill ransomware, including the ability to deploy a keylogger (for monitoring what’s typed into devices) and the capability to steal cryptocurrency wallets on the victims’ systems.

EvilQuest samples have been found in various versions of pirated software, which are being shared on BitTorrent file-sharing sites. While this method of infection is relatively unsophisticated, it is common for other macOS malware variants – including OSX.Shlayer – “thus indicating it is (at least at some level) successful,” according to Patrick Wardle, security researcher with Jamf, in a Monday analysis.


Original article here