This is likely that the spyware component is the one that actually has utility and that attackers may be using the ransomware as a cover
NEW DELHI:Researchers at K7 Lab have found a new ransomware that affects Apple’s Mac computers. Unlike most ransomware though, this one might be more dangerous than perceived. According to the researchers, the malware also have spyware-like capabilities, which allow it to steal data from infected computers.
Ransomware attacks usually hold a user’s data ransom, but having spyware like capabilities means that this one can also steal your data regardless of whether you pay the ransom or not. Data like credit card numbers, passwords and other personal info that may be stored on your PC.
For example, when the WannaCry ransomware hit the world, it only encrypted the data on a PC and asked users to pay a ransom if they wanted the decryption key. ThiefQuest, which is the name of this new ransomware, can do that and also steal your data. The spyware part of the malware remains on an infected device and can be used to steal data perennially.
The ransomware was already significant, since Apple’s PCs are usually hit with fewer malware attacks than Windows devices. However, the ransomware plus spyware nature makes ThiefQuest unique.
Researchers have said that there are signs that the ransomware component is incomplete, suggesting that holding users’ data hostage isn’t what attackers intended to do. The code also showed that the malware won’t run if it detects certain security tools, like Norton Antivirus. Parts of the malware have been made in a way so that it avoids detection, but instead of running silently in the background, it seems to not run at all.
This also suggests that the spyware component is the one that actually has utility and that attackers may be using the ransomware as a cover.