K7 Computing has said that it is increasing the focus of new Malware & Ransomware detection in its Threat Labs in line with its mission of ensuring a safe cyber space for its users. The ongoing COVID scenario has given rise to increased levels of cyber threats and hacks and new strains of malwares are on the upswing. The research team at K7 Threat Labs recently discovered a new strain of Ransomware titled EvilQuest that specifically targets macOS through pirated applications. This is the second Mac malware discovered by the K7 Research team after the fileless Trojan identified last December.
Ransomware threats encrypt the victim’s files and demand a ransom for decryption. OSX.EvilQuest goes further and also installs a keylogger to record the user’s keystrokes, a reverse shell that allows the attacker to run custom commands, and will also steal files commonly used by crypto-currency wallets.
EvilQuest demands $50 in Bitcoin to decrypt the files but even if the attackers decrypt the files on receipt of ransom, they retain the ability to steal the victim’s credentials and files through the other malware installed along with the ransomware.
Commenting on the discovery, J Kesavardhanan, Founder and CEO of K7 Computing, said “EvilQuest demonstrates that cybercriminals rapidly evolve attacks on every platform. By bundling ransomware with other malware they create threats that remain malicious even after the ransom is paid, confirming the futility of paying ransom to cyber attackers. I am pleased that we have been able to alert the world to a new cyber threat. K7 Threat Labs was formed to be at the forefront of malware analysis and repeatedly discovering new attacks proves the depth of our research capability and our commitment to enabling safe computing for digital citizens.”
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]