Ransom.OSX.EvilQuest

Short bio

Ransom.OSX.EvilQuest is Malwarebytes' detection name for a ransomware variant targeted at macOS systems.

Type and source of infection

Ransom.OSX.EvilQuest is ransomware of the type that encrypts files and thean asks for a ransom to decrypt them. Ransom.OSX.EvilQuest was distributed as a Little Snitch installer available for download on a Russian forum dedicated to sharing torrent links.

fake Little Snitch

Aftermath

It is unclear if the encrypted files can actually be recovered. And there are possibly stolen data sent to a C&C server

ransom prompt

Protection

Malwarebytes for Mac detects and removes Ransom.OSX.EvilQuest

Remediation

Malwarebytes for Mac will detect and remove the components of this malware.

Download and install the latest version of Malwarebytes for Mac.

Click the “Scan Now” button to perform a system scan.

If threats are detected during the scan, a count of detected threats is displayed. More detailed threat information is displayed after the scan completes.

Click “Confirm” to move the detected threats to Quarantaine.

If a restart is required to complete remediation of threats detected during a scan, you will be notified. When a restart is required, please remember to save all work before clicking “Restart”.

Related blog content

New Mac ransomware spreading through piracy

The state of Mac malware

Select your language

New Buy Online Partner Icon Warning Icon Edge icon