How SentinelOne Protects from the EvilQuest macOS ransomware

In this video, you can see how SentinelOne protects from the EvilQuest macOS ransomware.
To learn more about EvilQuest/ThiefQuest malware, read our blog: https://www.sentinelone.com/blog/evilquest-a-new-macos-malware-rolls-ransomware-spyware-and-data-theft-into-one/
To read how we reversed the ransomware: https://labs.sentinelone.com/breaking-evilquest-reversing-a-custom-macos-ransomware-file-encryption-routine/

– A new macOS ransomware threat uses a custom file encryption routine
– The routine appears to be partly based on RC2 rather than public key encryption
– SentinelLabs has released a public decryptor for use with “EvilQuest” encrypted files