MacOS users are being warned of a new ransomware called ThiefQuest that could potentially harm the device.
According to TechRadar, the malware targets macOS devices like MacBooks encrypts the entire system and steals valuable data on the device. If the ransom is not paid to unlock the file, ThiefQuest is programmed to completely erase the victim’s device, including all the items inside.
ThiefQuest was first discovered by researchers at the security firm SentinelOne after participating in a comprehensive malware investigation. The company initially believed that the malware was no less subtle to investigate ransom messages warning victims of their ThiefQuest data.
As usual with the warning, the victim must pay $ 50 within 72 hours to lose all files, but the fraudster does not provide contact emails for information. for decryption after the victim has paid. Instead, victims only receive a link to the ReadMe file with a Bitcoin wallet to send ransoms.
SentinelOne discovered that ThiefQuest (originally called EvilQuest) used custom encryption, and its code shows it is not related to the public key encryption methods commonly used for such attacks.
According to the researchers, ThiefQuest traced the system’s / Users directory to target .doc, .pdf and .jpg entries and many other files. Once found, these files are encrypted by a simple encryption tool when creating an encrypted file. With a simple encryption method, SentinelOne has created and released a decoder that everyone can download for free.