O’Grady’s PowerPage » Kaspersky cites Shlayer Trojan as top malware threat for macOS in 2019, advises against installing suspect Adobe Flash Player updates
This is why you don’t obtain suspicious Flash updates from out of nowhere.
Security agency Kaspersky has said that in 2019, the Shlayer Trojan infect one in ten Mac customers, exposing customers to malicious apps that conceal behind faux error messages about customers needing to replace Flash.
The agency said that Macs have been the frequent goal of the Shlayer Trojan. Kaspersky cited that the trojan has been energetic since at the very least early 2018, although in 2019 it was the commonest threat to macOS. Around 10 p.c of all Macs had been attacked with it, and by itself, Shlayer represents 30 p.c of all of the Trojans detected on macOS.
Kaspersky’s report said that “thousands of websites” embody the Shlayer Trojan obtain, sometimes as a result of the websites companion with cyber criminals.
However, authentic websites may have this added, too.
“[These include] YouTube, where links to the malicious website were included in video descriptions,” says Kaspersky in its report, “and Wikipedia, where such links were hidden in the articles’ references.”
The Shlayer Trojan sometimes installs a Safari Extension, which the Mac asks the person in the event that they’d like to make use of it. However, whereas macOS is warning that that is an unrecognized extension, Shlayer is overlaying that message with a faux dialog field saying that the set up is full. During the course of this, customers see an “Okay” button and click on it, when in actuality they’re clicking a Trust button, stating that it’s okay for the working system to put in this software program.
During the ultimate stage, the Mac person will be bombarded with advertisements, whereby any shopping may also be affected by focused advertisements being introduced.
“[Since February 2018] we have collected almost 32,000 different malicious samples of the Trojan,” says Kaspersky. “Having studied the Shlayer family, we can conclude that the macOS platform is a good source of revenue for cybercriminals.”
Significantly, Kaspersky says that although the Trojan was detected nearly two years in the past, it’s nonetheless prevalent.
“The operation algorithm has changed little since Shlayer was first discovered, nor has its activity decreased much,” the corporate continues. “[The] number of detections remains at the same level as in the first months after the malware was uncovered.”
In brief, watch out on the market, think about trying into anti-malware software program, and solely obtain Adobe Flash Player updates by way of the Adobe site.
Stay tuned for further particulars as they grow to be out there.