The Dangers of macOS Ransomware A Closer Look at KeRanger, FileCoder, MacRansom, and EvilQuest

Threat Level – Amber | Vulnerability Report
Download PDF

MacOS ransomware typically spreads through user-assisted methods such as downloading and running fake or trojanized applications. It can also arrive as a second-stage payload dropped or downloaded by other malware or as part of a supply chain attack. When it infects a device, it typically follows a process of gaining access, executing, encrypting the victim’s files, and then sending a ransom message. There are several known families of macOS ransomware, which include KeRanger, FileCoder, MacRansom, and EvilQuest.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox