Approximate reading time: 2 Minutes
EvilQuest ransomware

EvilQuest ransomware found in pirated music software  ·  Source: Photo by Markus Spiske on Unsplash / EvilQuest

New ransomware specifically targeted at Macs is going around. EvilQuest encrypts the files on your hard drive and claims that you’ll only be able to regain access your data if you fork over some bitcoins. But that’s not all: it also infests your system with other malware including a keylogger, which can reveal your sensitive information to the attackers.

EvilQuest ransomware

Malware that specifically affects Macs is still comparatively rare. But it does exist – and this time around, us musicians should be paying attention. EvilQuest is a new malicious piece of code that seems to spread through pirated copies of popular music applications, among others.

Once EvilQuest has found its way onto your hard drive, it encrypts the drive, preventing you from accessing your files. It then proceeds to tell you that the only way to get your data back is to pay ransom in the amount of USD 50 in bitcoins. The attackers claim that you’re “guaranteed” to get your files back, but I think we all know where this is going.

EvilQuest ransomware

Caution: the EvilQuest ransomware spreads through pirated music software!

And EvilQuest doesn’t stop there. IT experts have identified various other bits of malicious code that could expose your personal data to the attackers, and these will likely continue to run even if you pay ransom and regain access to your files. The malware apparently searches your system for files like wallet.pdf, wallet.png and key.png, which are associated with handling cryptocurrency. It also installs a keylogger, which tracks your keystrokes and transmits them to the attackers, potentially exposing your passwords and sensitive data.

Keep your data safe

Sounds scary, right? But here’s the thing: To have your Mac infected by EvilQuest, you need to be a bit of a crook yourself. The ransomware spreads through pirated software, much like the LoudMiner trojan exposed last year. Among others, the list of “warez” affected by EvilQuest seems to include Ableton Live and the Mixed In Key DJ software. Apparently it also spreads through pirated copies of Little Snitch, which is especially devious as that’s a popular tool for internet security.

So what does this mean? To state the obvious: if you stay away from cracked software and suspicious servers, it looks like you have little to worry about at this point. Protect your data by keeping your backups up to date, so you can restore your system in case things do go wrong. And consider using protective software like Malwarebytes for Mac or the free RansomWhere for an extra layer of protection.

3 responses to “MacOS ransomware EvilQuest found in pirated Ableton and Mixed In Key software”

  1. Erwin says:

    When companies like Ableton do something about their pricing there may be a profit for both Ableton and friends and their customers. I for instance use a paid Reaper version for personal use, because it’s about 60 euro. Which for private use is still a great deal. If Ableton is offering a full working version for around 100 euro for personal use I think a lot of people using a cracked version are willing to pay that money. This way Ableton is selling licenses and help reduce the feeding ground of those bastards

    • AAA says:

      You mean like Ableton Intro for $99:

      https://www.ableton.com/en/shop/live/

      You’re just whining because you can’t afford the full version of Ableton.

      Ableton’s pricing is no worse than any other DAW manufacturer. They have several versions at different price points. If all you are prepared to spend is around 100 Euro for a DAW, Reaper is perfect for you.

      • Mike Moreau says:

        There is also the option of rent-to-own, as in the case of Splice offering Studio One.

        If Ableton were to offer something similar, then their crippled versions could be eliminated because now anyone could own for a small monthly payment. It also eliminates the justification for the use of pirated software.

        As for Ableton Intro, it is worth noting that with only 16 tracks you can find yourself quickly running out of space. It is not worth the $99 if you are anything but a absolute beginner. However, in their favor, if you upgrade you get all your money back.

        And as for the price of DAWs in general, if Reaper, with it full list of features, can be offered for $60, then I cannot see why other companies cannot offer something similar…and no, with top tier, bought and paid for legal versions, of Cubase, Studio One and Digital Performer, I am not just “whining” because I cannot afford it.

Leave a Reply

Your email address will not be published. Required fields are marked *