Bad news for some macOS users. Today, security researchers have discovered that devices using macOS are vulnerable to a powerful ransomware attack.
Malwarebytes, a security company, found that the ThiefQuest ransomware is spread through pirated versions of macOS software. It came to their attention when users reported being shown a weird notification.
The ransomware informed them that their files had been encrypted and they needed to pay the guilty party to decrypt their data. It is currently available via torrent downloads.
The researcher Thomas Reed said that he had needed to set his system clock ahead three days and restart his network connection and computer before the malware began encrypting the test computer’s files.
“If your files get encrypted, we’re not sure how dire a situation that is,” said Reed.
He goes on further to say that it depends on the encryption. Especially how the keys are handled. It’s possible that further research could lead to a method for decrypting files. However, don’t get your hopes up too high.
How to protect yourself against ThiefQuest
Reed says that the best way of avoiding the consequences of ransomware is to maintain a good set of backups.
Keep at least two backup copies of all important data. At least one should not be kept attached to your Mac at all times.
This is because the ransomware may try to encrypt or damage backups on connected drives. Fortunately, the warnings come before you download the software. Therefore, users who pay attention to such cautions are likely to avoid installing the ransomware.
Additionally, Reed notes that the software is very explicit in its operations.
He says that upon installation for testing, every 30 seconds the computer was screaming at him, beeping all the time. He says that it’s really noisy in both the literal and digital sense. Stay safe macOS users.