Here’s how to protect your Mac computer from ransomware

Q: Do Mac users need to be worried about ransomware or is it just a Windows problem?

A: Ransomware continues to be one of the most lucrative attacks that cyber-thieves have in their bag of tricks. In 2019, there was a 41% increase in attacks with the associated costs estimated to be in the $7.5 billion range.

While Windows-based computers have always been a much bigger target because there are more potential victims, ransomware specifically targeting MacOS has been around since 2016.

The Newest Threat

A recently discovered threat specifically targeting MacOS users named ‘EvilQuest’ has significantly stepped up the damage it does to victims.

Not only does it encrypt data files and holds them hostage, it also installs a keylogger, tries to steal crypto-currency wallet info and provides the hacker with full remote control of the computer, even if the ransom is paid.

It seems to randomly select files to encrypt that can include critical system files, such as the login keychain. The damage done by this particular malware is so insidious, that the only known way to completely remove the infection to format your entire storage disk and then reload everything from scratch or a clean backup.

Distribution Method

This particular ransomware program was first found hiding inside of another program, allowing it to sneak in when the host program gets installed, kind of like a Trojan Horse.

Although it’s been associated with pirated software downloads so far, there’s nothing to keep the bad guys from exploring other options. Hiding it inside another program makes it much more difficult for traditional signature based anti-virus programs to detect the malware.

You can go to this page on VirusTotal to see which security programs have updated their signatures to specifically detect this code.

As always, it’s best to stick to reputable sites or the Apple App Store for installing any new software program.

Check for Torrent Programs

We know that this is currently being spread through pirated versions of very popular or expensive software programs available on various ‘torrent’ sites, which is a shady part of the Internet.

Specific programs are needed in order to download programs for free from these torrent sites, so it’s a good idea to check your Mac for them, especially if you have kids.

Some of the more popular programs include Folx, qBittorrent, uTorrent, Transmission, Xtorrent, BitTorrent, Vuze, BitLord and FrostWire. You can manually search the Applications folder or use the Spotlight search (the magnifying glass icon in the upper right corner) to see if they exist.

If you find one of these programs on your Mac, it would be advisable to do a thorough security scan of your entire computer and have a discussion about the dangers of torrent downloads with the family member that is using it.

The Best Protection

No matter which ransomware strain hits you, your choices are either to pay the ransom or lose the files forever, unless you have a detached or off-site backup.

Anything attached to your computer such as an external hard drive or USB drive will be locked down by the malware, which is why online backups are very effective against this growing threat.