Stefan Mileschin

Users just can’t believe it is happening to them

While the writers of ransomware tend to leave Apple Macs alone due to the fact they have no need to threaten someone’s Coldplay collection, a new example has just appeared and appears to be gaining some traction.

Dinesh Devadoss, a malware researcher at the firm K7 Lab, found the malware and which he called ThiefQuest and it really does show up Apple’s faith-based security.

ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in.

The spyware component also lurks persistently as a backdoor on infected devices, meaning it sticks around even after a computer reboots, and could be used as a launchpad for additional, or "second stage" attacks.

The Tame Apple Press has done its best to play down the threat of the malware. It claims that Apple fanboys are perfectly safe unless they download pirated software which has not been official blessed by Apple.

Thomas Reed, director of Mac and mobile platforms at the security firm Malwarebytes, found that ThiefQuest is being distributed on torrent sites bundled with name-brand software, like the security application Little Snitch, DJ software Mixed In Key, and music production platform Ableton.

https://fudzilla.com/news/51112-new-...-is-super-smug