One of the main virtues and almost obsessions of Apple, is to ensure the fullfilment of security requirements of the users of their devices. A couple of weeks ago, a new ransomware called "EvilQuest" was detected that affected Macs. Well, just a few days later, the native Xprotect security application that macOS Catalina incorporates has already been updated to block said virus.
Of course we can criticize Apple for many things, but it must be recognized that there is no more secure digital environment than the one offered by the Cupertino company on its devices with its firmwares always up to date.
A couple of weeks ago reported on the detection by some Mac users of a new ransomware dubbed "Evil Quest"Or also known as" ThiefQuest ".
It explained that said malware was hidden in the installation files of illegal copies of paid apps for macOS. An old method used since the beginning of computing to hide malicious software.
Hidden in the modified installation files of an illegal copy of any paid application, the user does not know that parallel to the installation of the pirated application, the ransomware "EvilQuest", obtaining the necessary permissions without the user noticing.
After a few days of lethargy, "EvilQuest" wakes up, and encrypts important and private files of the user. Displays a notice on the screen, and demands a payment of U.S. dollar 50 if you want to recover your files.
Xprotect and MRT (Malware Removal Tool) are two security applications built into macOS that work in the background to keep your Mac safe and virus-free.
Xprotect updated against "EvilQuest" version 2126
On July 13 Apple released a new version of XProtect, the 2126. This version arrived only a week after version 2125, something unusual for Xprotect. Usually updates are released every two weeks, or less that has been the case for the last six months.
Apple does not specify changes between versions of XProtect, but Electric light points out a new entry called MACOS.2070d41 among the XProtect definitions, as well as some modifications to MACOS.6cb9746, which detect ThiefQuest / EvilQuest and prevents its installation.
Xprotect and MRT updates will download automatically if you have activated the option "Install system data files and security updates" on the "Software Update" screen within "System Preferences". If that's the case, your Mac will periodically check Apple's server for newer versions and install them in the background.
How to check if your Xprotect is up to date
Check that you have version 2126 of Xprotect.
Find out if your Mac's version of Xprotect is 2126.
- Click on the Apple logo in the upper left.
- Open About This Mac.
- Open System Report.
- Look for Software in the left column.
- Click on Facilities in that list.
- Sort by installation date or by name.
- You should see XProtectPlistConfigData version 2126.