Trojan.MacOS.Ravir
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 4 |
| First Seen: | February 2, 2021 |
| Last Seen: | November 8, 2021 |
Trojan.MacOS.Ravir is a generic malware detection that infects systems running macOS. It is a type of a Trojan, and as such, it can use various channels to infiltrate target devices unnoticed. Once installed on the machine, a Trojan has two main objectives: perform its malicious agenda and stay uncovered for as long as needed. Trojan.MacOS.Ravir likely puts affected users’ online security at enormous risk due to the variety of functionalities it possibly has.
A typical method of cybercriminals to infect macOS with Trojan.MacOS.Ravir is to inject the malicious files into something that looks relatively harmless, like an app or another tool claiming to have certain advantages, like improving a device’s performance or helping the user surf more efficiently on the Internet. In the case of Trojan.MacOS.Ravir, potential victims are naive macOS users who tend to download and install freeware or other files from untrusty websites or networks and end up having their systems compromised by malware threats like Trojans instead. Additionally, Trojan.MacOS.Ravir may come disguised as a fake software update or embedded into an email attachment sent through a mass-scale spam campaign.
As typical for Trojans, Trojan.MacOS.Ravir aims to provide its owners with remote control over the compromised computer. That allows the attackers to make the macOS system vulnerable to many harmful activities, like stealing sensitive user data and login credentials stored in apps or websites, recording browsing history, or even adding the device to an illegal botnet. Among Trojans' most dangerous features are that they often open a backdoor, through which the attackers can drop additional destructive threats, like Ransomware and other similar encrypting tools.
Trojan.MacOS.Ravir has been designed to operate silently and remain uncovered for a long time so that the hackers have enough time to explore and exploit their possibilities. Complex malware threats achieve that through code obfuscation and other advanced techniques for avoiding detection by anti-malware solutions. Luckily, certified and reliable anti-virus programs can detect and remove Trojans efficiently from macOS systems and prevent future infections. Therefore, macOS users who wish to protect their devices should download an AV-program explicitly designed for Mac computers.
