ThiefQuest ransomware aims at Apple Mac computers via pirated torrents

While malware for Apple's Mac platform is rare, it's important to remember that Macs aren't magically immune to attacks. Four years ago the first ransomware for Mac was discovered and now security researchers discovered "ThiefQuest", a piece of malware that basically consists of a spyware and a ransomware component.

Patrick Wardle, principal security researcher at the Mac management firm Jamf, speculates someone was making a piece of spyware with the ability to completely remote control an infected Mac, and then later decided to add a ransomware component as a way to make some money.

Overall, the risk seems low as ThiefQuest is primarily spread via pirated software. Security researchers note the primary mains of distribution seems to be via torrents. To get infected, you need to download pirated software and run the infected installer. Then you also need to dismiss a string of security warnings from macOS.

Though ThiefQuest is packed with menacing features, it's unlikely to infect your Mac anytime soon unless you download pirated, unvetted software. Thomas Reed, director of Mac and mobile platforms at the security firm Malwarebytes, found that ThiefQuest is being distributed on torrent sites bundled with name-brand software, like the security application Little Snitch, DJ software Mixed In Key, and music production platform Ableton. K7's Devadoss notes that the malware itself is designed to look like a "Google Software Update program." So far, though, the researchers say that it doesn't seem to have a significant number of downloads, and no one has paid a ransom to the bitcoin address the attackers provide.

Full details ARS Technica.