Ransomware is Real

I have to admit that, historically, I regarded viruses and malware as distant threats that happen to other people. More recently, when ransomware first appeared on the computing scene, it was still something well outside of my experience. That changed last week when my antivirus software alerted me, displaying words you never want to see: 

Threat Detected

Antivirus for Macs and PCs

When I purchased a new MacBook Pro last year, I wasn’t using it long before I installed antivirus software that detects computer viruses and other kinds of malware infections. PC users routinely install antivirus software on their computers because Windows-based computers have been the primary targets for viruses and other malware for years due to their widespread use.

Historically, Mac users worried less about viruses and other malware because there were fewer Macs in circulation – and fewer viruses targeting Macs. One could argue that this dynamic made Mac users somewhat complacent about installing antivirus software, perhaps in the belief that Macs were somehow less susceptible to viruses than their Windows PC counterparts.

Currently, the vast majority of personal computers in use (nearly 90 percent) are Windows PCs.  Despite that fact, there are also more Macs in use now than ever before. Factor in the use of personal technology due to the COVID-19 work-from-home phenomenon and the number of Macs in use today is significant. 

Unfortunately, now that Macs have a higher profile, they are more frequent targets for viruses and malware – including ransomware.

Malware and the Evil Quest

Malware is a contraction of the phrase malicious software, which is any software intended to cause damage to or infiltrate computer systems and other electronics. Viruses are one of the various forms of malware that also include:

  • Spyware is malware that steals personally-identifying information useful for identity theft
  • Ransomware is malware designed to encrypt and withhold access to a person’s data until they pay a ransom

EvilQuest or ThiefQuest (OSX.ThiefQuest) is ransomware that targets Macs. The variation I encountered embedded itself in my installed Google software and modified various macOS settings so it could persist – even after purging the infected files with my antivirus software. Only after purging the infected files and other remnants in settings was I able to restore my Mac to normal.

Analysis of OSX.ThiefQuest indicates the malware lacks two key elements: 1) a mechanism to track who pays the ransom to decrypt their data, and 2) a way to identify someone who pays the ransom and an email address to send them a decryption key to unlock their data.

The terrible end result is that you can only regain control of your Mac by reformatting the hard drive, which results in total data loss.

How do you defend against ransomware?

If I hadn’t been running antimalware software last week, I would still be recovering from my Mac’s EvilQuest infection. There are two essential practices you need to adopt to defend against ransomware and other forms of malware:

  1. Install antivirus and antimalware software
  2. Maintain current system backups

Your antivirus software should receive frequent updates because malware changes all the time. Some IT professionals recommend using AI-based antimalware for this reason. 

Ideally, you are maintaining two backups of your system and personal data (continuous or daily backups). Since malware can also encrypt drives attached to a computer, it’s best practice to keep one backup somewhere that is not attached to the computer, such as the cloud.

Contact Prime of Life Tech for help installing antivirus and antimalware software, setting up regular backups, and troubleshooting malware issues.

Copyright © 2020 Prime of Life Tech