Dangerous New Mac Ransomware Spreads Through Torrent Sites GA S REGULAR Menu Lifewire Tech for Humans Newsletter! Search Close GO News > Internet & Security

Dangerous New Mac Ransomware Spreads Through Torrent Sites

The malware masquerades as a legit network traffic monitoring app

By Kyree Leary Kyree Leary News Editor Kyree Leary has been a technology and gaming writer for nearly 10 years. His work has appeared on Digital Trends, IGN, Futurism, and more. lifewire's editorial guidelines Updated on July 1, 2020 03:26PM EDT Tweet Share Email Tweet Share Email Internet & Security Mobile Phones Internet & Security Computers & Tablets Smart Life Home Theater & Entertainment Software & Apps Social Media Streaming Gaming If you frequent torrenting sites, you should know how this malware spreads, what it does, and how to deal with it. Getty Images New Mac ransomware is making the rounds on various bit torrent sites, posing a potential threat to file sharers. Ransomware origins: According to Malwarebytes, the malicious code originates from a Russian forum and disguises itself as an installer for a real app known as Little Snitch. The installer “is attractively and professionally packaged,” meaning even veteran torrent users may be fooled by it. Little Snitch is often used to monitor network traffic, and allows users to permit or block apps from accessing shared networks. What it does: While the malware does install Little Snitch, attempts to launch the app fail. An installer for DJ software called Mixed In Key 8 is also included, and it’s suspected other installers are lurking in the files as well. The malware itself seemingly did nothing in Malwarebytes’ own experiments until they deliberately encouraged it to begin encrypting settings and keychain files, but even then, it “wasn’t particularly smart about what files it encrypted.” Is that it? The macOS Finder started having performance issues, such as taking a long time to respond and freezing. Some reported seeing files with instructions to pay a ransom, though Malwarebytes was unable to replicate this. Staying safe: If you do encounter this new ransomware, scan your system with antivirus software, which should detect and remove the problem. Malwarebytes for Mac will see it as Ransom.OSX.EvilQuest. It’s also recommended you have multiple backups of your Mac's data. “Keep at least two backup copies of all important data, and at least one should not be kept attached to your Mac at all times. (Ransomware may try to encrypt or damage backups on connected drives.)” Bottom line: The best way to protect yourself from malware is to never download anything that looks suspicious, and to triple-check the files and installers that look harmless. Frequent torrent users should already know this, but it never hurts to be reminded of the obvious. Via: Laptop Mag

Learn More About Malware

The 6 Best Free Malware Removal Tools of 2022 Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit More from Lifewire How to Set up Your New Mac What's Conhost.exe in Windows? What Does it Do? What Is IAStorIcon.exe? How to Lock a Folder in Windows 10 Can Chromebooks Get Viruses? 12 Best Free Spyware Removal Tools (October 2022) What lsass.exe Is & How It Affects Your Computer 31 Best Free Backup Software Tools (October 2022) Can a Router Get a Virus? 3 Best Free Full Disk Encryption Programs How to Password Protect a Folder How to Get Rid of a Virus on a Mac How to Remove Adware From Your Mac How to Fix Msxml3.dll Not Found or Missing Errors Can't Connect to the Internet? Try These 10 Tips Malwarebytes Review Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookies Settings Accept All Cookies