{"id":5665,"date":"2020-07-12T08:28:42","date_gmt":"2020-07-12T08:28:42","guid":{"rendered":"https:\/\/web3unplugged.io\/blog\/?p=5665"},"modified":"2020-07-12T08:28:45","modified_gmt":"2020-07-12T08:28:45","slug":"sentinelone-releases-free-evilquest-ransomware-decryptor-to-defend-macos-environments","status":"publish","type":"post","link":"https:\/\/web3unplugged.io\/blog\/sentinelone-releases-free-evilquest-ransomware-decryptor-to-defend-macos-environments\/","title":{"rendered":"SentinelOne Releases Free &#8216;EvilQuest&#8217; Ransomware Decryptor To Defend MacOS Environments"},"content":{"rendered":"\n<p>SentinelOne, the autonomous cybersecurity platform company, announced a new ransomware decryptor designed to roll back the \u2018EvilQuest\/ThiefQuest\u2019 ransomware currently targeting macOS users. The decryptor, developed by SentinelOne\u2019s research division SentinelLabs, is further evidence of SentinelOne\u2019s leadership in securing macOS environments. In an effort to aid the macOS community and help ransomware victims reclaim files without making ransom payments, SentinelOne released the tool on GitHub. SentinelOne blocks EvilQuest ransomware at machine speed across each of its 4,000 customers &#8211; as demonstrated here.<\/p>\n\n\n\n<p>\u201cCybercriminals are eager and adept at capitalizing on any opportunity to infect a user or organization with ransomware, regardless of the party\u2019s operating system of choice,\u201d said Migo Kedem, Senior Director, SentinelLabs. \u201cThe challenge for macOS users is that most security vendors neglect macOS, shipping subpar and ineffective products that cannot cope with today&#8217;s threat landscape. 
SentinelOne strategically invested in building the market\u2019s leading macOS security solution, and we are happy to provide this tool for any macOS user to mitigate EvilQuest ransomware.\u201d<\/p>\n\n\n\n<p>The EvilQuest ransomware exhibits multiple behaviors including file encryption, data exfiltration, and keylogging. However, SentinelLabs research suggests that EvilQuest is not related to public key encryption and in fact often uses a table normally associated with the block cipher RC2. Knowing this, the SentinelLabs team was able to break the EvilQuest encryption routine, unlocking files and disrupting the attack chain. Further technical detail on EvilQuest ransomware is available on the SentinelOne blog here.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SentinelOne, the autonomous cybersecurity platform company, announced a new ransomware decryptor designed to roll back the \u2018EvilQuest\/ThiefQuest\u2019 ransomware currently targeting macOS users. The decryptor, developed by SentinelOne\u2019s research division SentinelLabs, is further evidence of SentinelOne\u2019s leadership in securing macOS environments. 
In an effort to aid the macOS community and help ransomware victims reclaim files without making [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":5666,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-5665","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"rttpg_featured_image_url":{"full":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",1153,217,false],"landscape":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",1153,217,false],"portraits":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",1153,217,false],"thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11-150x150.png",150,150,true],"medium":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11-300x56.png",300,56,true],"large":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11-1024x193.png",1024,193,true],"1536x1536":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",1153,217,false],"2048x2048":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",1153,217,false],"post-thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",755,142,false],"graptor-sq-xs":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/07\/fb7d7d4d-4f18-481d-96ed-c19809099b11.png",100,19,false]},"rttpg_author":{"di
splay_name":"admin","author_link":"https:\/\/web3unplugged.io\/blog\/author\/admin\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/web3unplugged.io\/blog\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","rttpg_excerpt":"SentinelOne, the autonomous cybersecurity platform company, announced a new ransomware decryptor designed to roll back the \u2018EvilQuest\/ThiefQuest\u2019 ransomware currently targeting macOS users. The decryptor, developed by SentinelOne\u2019s research division SentinelLabs, is further evidence of SentinelOne\u2019s leadership in securing macOS environments. In an effort to aid the macOS community and help ransomware victims reclaim files without making&hellip;","_links":{"self":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/5665","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/comments?post=5665"}],"version-history":[{"count":1,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/5665\/revisions"}],"predecessor-version":[{"id":5667,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/5665\/revisions\/5667"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media\/5666"}],"wp:attachment":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media?parent=5665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/categories?post=5665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/tags?post=5665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":
true}]}}