OSX.EvilQuest ransomware uncovered

Objective-See:

Early today, the noted malware researcher Dinesh Devadoss tweeted about a new piece of macOS ransomware “impersonating as Google Software Update program with zero detection.”

It’s not every day that a new piece of ransomware is uncovered that targets macOS. Moreover, as RansomWhere? claims to be able to generically detect such threats, I decided to take a peek at the malware and confirm my tool could detect it (with no a priori knowledge).

This is a really interesting, if techy, post on how malware hunters do their thing.