A new version of Mac ransomware distributed via pirated software called "EvilQuest" is attacking macOS users.
Although ransomware programs aimed specifically at Mac users are rare, new attempts emerge from time to time to hijack users' files.
Ransomware is a program that infects a user's computer by encrypting its files and demanding a $ 50 cryptocurrency reward to facilitate decryption.
The “OSX.EvilQuest” ransomware was discovered by independent researcher Dinesh Devadoss, but EvilQuest has apparently been around since early June 2020, according to ZDNet.
EvilQuest has some inputs that make it unique among ransomware examples. In addition to encrypting user files and asking for money to unlock them, EvilQuest also installs a keylogger (a keystroke log) and pieces of code that steal wallet files from computer currencies.
How to remove ransomware from Mac
The easiest way to prevent your computer from being hijacked by ransomware is, of course, not to download pirated software.
Another way is, as the article says, to pay the reward, even if you will always live with the uncertainty that you are still infected.
The third way is to format and reinstall the computer from scratch. You lose all information but you can continue with your life, hopefully with the lesson learned.
The fourth way to get rid of a ransomware attack is to dispose of backup copies (using Time Machine or other applications) before the day of the infected software download. Logically, if you use a post-infection backup, you will relive the same situation.