Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Discovered new ransomware on Mac computers
Currently, this type of malicious code is being spread on internet torrents in Russia with the name OSX.ThiefQuest.
The malware link is posted on RUTracker - a Russian torrent sharing network
To trick users into downloading to the computer, hackers will encode malicious code OSX.ThiefQuest in an impersonation software called Little Snitch - software whose main function is to monitor and manage connections outside the internet. Widely used on MacOS devices around the world.
After deceiving the victim to download and install the software, this malicious code will create on the system files like a normal installer. More sophisticated, this installer also contains a script that is executed after the installation process is complete to make renaming and removing traces to trick users.
Once the infection is triggered by the installer, the malware starts spreading itself around the hard drive, leaving the victim's computer encrypted with important data for the next 3 days. More carefully, this type of malicious code also installs executable files in locations that easily cause users to accidentally activate such as in system startup files or daemon plist files. This action is to create a backup plan in case the previously launched attack program fails.
After the encryption process is complete, a blackmail file is created to show the user how to redeem encrypted data on the device.
Image file extortion of hackers
The researchers even pointed out that the malware could open a reverse shell for the command and control server to perform remote code execution actions to take control of the computer. the victim.
In addition, OSX.ThiefQuest malware has been equipped with anti-malware techniques. In the case of a user using a malware analyzer or debugger for the computer, this malware usually will not show its full capabilities.
Security experts VSEC recommends that, to avoid being infected by viruses from software downloaded on the computer, users need to identify the source and only download from reputable sites, always read the terms and provisions of applications / software before downloading; periodically check the computer with virus scanning software to promptly handle existing problems.
In addition, VSEC experts recommend that for each important data, you should have at least 2 backups, one of which is always in an external memory that is not directly connected to your computer. anytime. If you have good backups, ransomware is not a threat to you.
5 ★ | 1 Vote
Jessica TannerYou should read it
- What is Ransomware Task Force (RTF)?
- Forecast 2021: The world of security will be devastated by ransomware '
- STOP - Ransomware is the most active in the Internet but rarely talked about
- Hackers can use Ransomware to attack and control robots
- Detecting two unusual versions of ransomware, shows that the world of ransomware has become diversified
- WannaCry remains one of the most dangerous global security threats
- Theory - Ransomware part 2
- Ransomware can encrypt cloud data
May be interested
- List of the 3 most dangerous and scary Ransomware viruses
while security solutions to protect us from threats, hackers are increasingly improving, while malicious programs (malware) are also becoming more and more 'cunning'. and one of the recent threats is how to extort money through ransomware. - Theory - What is Ransomware?ransomware, spyware, extortion software ... are all 1. this is the common name of a type of malware - malware, has the main effect of preventing users from accessing and using the system. their nature (mostly discovered on windows operating systems) ...
- There is a tool to decrypt the ransomware that specializes in attacking businessesthis new ransomware is still in development.
- All about WannaCry, Ransomware has been confusing for the past few daysthe article will provide some knowledge about wannacry and the most important security tips you should take and share with your acquaintances to prevent computers from ransomware wannacry.
- Ransomware can encrypt cloud dataransomware is as small as a grain of sand, they are everywhere around us. and they can encrypt hard drive attacks but also attack other system drives, and cloud drives don't get out of sight.
- Warning: There appears an email notification of Windows updates from a fake Microsoft that contains cyber ransomwarerecently, a new form of computer attack has been discovered by spiderwabs security researchers at trustwave.
- WannaCry remains one of the most dangerous global security threatswannacry is a ransomware that spreads itself on computers using windows operating systems.
- Ransomware 'Your Windows has been banned' extorting users with a face value of 50 USD Bitcoinrecently, the new version of ransomware 'your windows has been banned' has been reported by many websites and warned that all computers and infected users should remember that this is a scam.
- General guidelines for decoding ransomwarein this guide, tipsmake.com will try to help unfortunate readers infected with ransomware and encrypted files on the computer.
- [Infographic] 7 effective ways to protect businesses from Ransomwarehow to protect your business from ransomware? join tipsmake.com to follow the article to find the answer.
![[Infographic] 7 effective ways to protect businesses from Ransomware](https://tipsmake.com/data/thumbs_80x80/[infographic]-7-effective-ways-to-protect-businesses-from-ransomware_thumbs_80x80_RmVUGjsQC.jpg)
9 macbook features you might not know about
How to fix Safari error can not load websites on Mac
New features on macOS 11 Big Sur
11 tips to fix any common errors on Mac
Good features with Siri on Mac