S0595macOS

S0595ThiefQuest

Platforms
1
ATT&CK
14.1
References
5

Description

[ThiefQuest](https://attack.mitre.org/software/S0595) is a virus, data stealer, and wiper that presents itself as ransomware targeting macOS systems. [ThiefQuest](https://attack.mitre.org/software/S0595) was first seen in 2020 distributed via trojanized pirated versions of popular macOS software on Russian forums sharing torrent links.(Citation: Reed thiefquest fake ransom) Even though [ThiefQuest](https://attack.mitre.org/software/S0595) presents itself as ransomware, since the dynamically generated encryption key is never sent to the attacker it may be more appropriately thought of as a form of wiper malware.(Citation: wardle evilquest partii)(Citation: reed thiefquest ransomware analysis)

Platforms· 1

macOS

References

  1. https://attack.mitre.org/software/S0595
  2. https://objective-see.com/blog/blog_0x60.html
  3. https://www.sentinelone.com/blog/evilquest-a-new-macos-malware-rolls-ransomware-spyware-and-data-theft-into-one/
  4. https://blog.malwarebytes.com/detections/osx-thiefquest/
  5. https://blog.malwarebytes.com/mac/2020/07/mac-thiefquest-malware-may-not-be-ransomware-after-all/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
MacRansom
Software
Patcher
Software
Egregor
Software
Qyick Ransomware
Software
5ss5c(5ss5cCrypt)
Software
QP
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.