There is a new strain of malware called ThiefQuest (TQ) that targets all Mac users, and probably one of the reasons Why is not working anymore? And is also being forced to the very system as part of the infected torrent downloads. The torrent in inquiry contains known security tools for the Mac known as LittleSnitch.

The LittleSnitch in itself is a trustworthy & extremely handy software that can go on to tell the Mac users when the additional software on a system is attempting to make private network connections that’d risk security. It costs about 45 $, and it is worth that price, however, there are surely people who’d like to go and get it without really paying. And it is exactly what the ThiefQuest is currently counting on.

In brief

  • A part of ransomware currently targets all those Mac users and makes the rounds there on torrent websites.
  • The new malware strain disguises itself as the application installer for the Little Snitch.
  • That software itself is not particularly sophisticated; however, users of macOS must refrain from simply downloading the pirated software as the general norm of safety.

These infected torrents download generally come with the patch that promises to convert a free trial of the LittleSnitch into a completely paid version. Of course, this does not do that. And the patch rather goes on to infect the Mac of a victim and opens up conversations to a ThiefQuest control servers & command.

This may even act like typical encrypted documents & ransomware, videos, images, etc. This malware could also record the keystrokes alongside ‘sniff out’ cryptocurrencies wallet files as per several Post.

One should be wary of?

These features provide criminals adequate array to figure out several ways to benefit from machines that’ve been infected. One’s crypto coins can be taken, accounts could be hijacked, and that is only the beginning.

The ThiefQuest also uses several tricks to avoid detection and prevent security researchers’ efforts to analyze it. One of the many ways it goes on to do this is via checking to detect if a machine it’s attempting to infiltrate has the anti-malware software placed in it. The software from Avast, Kaspersky, McAfee, Norton, and LittleSnitch will raise flags.


It is a new malware that seems to be the work-in-progress of classes as the ransomware functionality seems to be uneven and couldn’t encrypt the files on a few of the test systems of researchers.

However, since TQ, i.e., ThiefQuest, exists, those Mac users must be warned that their very systems aren’t immune to numerous ransomware infections. Cybercriminals have been making Mac malware for several years, and they’re getting a lot better at it. Thus, it is just a phase that won’t stay for too long, hopefully. So yeah, there you have it. To know further, head over to the web and research.