SentinelOne Created Free Tool To Recover Files Encrypted By ThiefQuest Mac Malware - Cybers Guards

ThiefQuest, initially named EvilQuest, is designed to encrypt files on compromised systems, but it also enables its operators to log keystrokes, steal files and take full control of the infected device. ThiefQuest was originally classified as ransomware, but a closer examination found that the criminals could not figure out which victims paid the ransom, leading researchers to conclude that the ransomware features were meant to mask the data theft activity. ThiefQuest is distributed as trojanized installers for macOS applications such as the Ableton and Mixed In Key DJ apps and the Little Snitch firewall. When the malware is executed, it starts encrypting files located on the computer, after which it tells victims, through a text file and a modal window, that their files have been encrypted and that a $50 ransom has to be paid in bitcoin to recover them.

However, as Bleeping Computer points out, all victims are given the same bitcoin address and there is no way for a victim to get in contact with the attackers to let them know the ransom has been paid. In addition, Apple security expert Patrick Wardle found that the decryption routine is not called anywhere in the malware code, suggesting that it never gets executed. Malwarebytes researchers found that the malware will not always encrypt data, even though it appears to have done so, which further suggests that the ransomware capabilities are only a diversion.

ThiefQuest is designed to steal documents, images, source code, databases, encryption keys and cryptocurrency wallets from infected systems. Wardle's threat analysis revealed that it also looks for executable files and adds malicious code to those files. This would allow it to spread like a virus, which is extremely rare for malware on Mac.

"The fact is that most (all?) recent examples of macOS malware are not computer viruses (by the conventional definition), since they don't attempt to replicate themselves locally. But OSX.EvilQuest does … making it a real computer virus for macOS!!" said Wardle.

SentinelOne has provided a free decryption service for Mac users whose files had been compromised by the malware. Researchers at the company studied ThiefQuest and found that its authors had left the decryption function in the malware code. When they were able to find the key required to decrypt the files, they used the malware's own decryption function to restore encrypted data.
