Posted on January 25, 2020 at 11:23 AM
‘Shlayer’ Simple Malware but the Most Common on macOS
Shlayer, a basic Trojan that relies on a simple attack method, is still the most common malware targeting the Mac operating system, according to reports from Kaspersky Lab security researchers. The Trojan tricks macOS users into downloading malicious software.
The malware was first discovered 2 years ago. At that time it was used mainly to install malicious adware, particularly on macOS. Its main goal was to generate revenue from links and pop-up adverts that appear in the affected system’s browser.
Since it was first discovered, Kaspersky Lab revealed, the malware has spread and affected 10% of macOS computers. This makes it the most widespread malware affecting macOS users. Its attack method is relatively basic, with nothing too complex about its activities, yet it has still managed to infect more systems than any other macOS malware, according to Kaspersky Lab.
Shlayer uses phoney attack method
Shlayer is distributed and infects victims through phoney Flash updates. This method has already affected thousands of websites. Most times, it infiltrates websites that give users access to illegal streams of sporting events and shows.
These sites tell users that they will not be able to watch their events or shows unless they download a Flash update, which is a fake. Once the user agrees and installs the fake Flash update, the malware has an open invitation into the system.
Shlayer also distributed through legitimate sites
The malware is not only distributed through illegal sites. Its creators often place links to the malware’s download page on legitimate sites. Such links have been recorded in the descriptions of YouTube videos and in footnotes on Wikipedia pages.
Researchers have discovered more than 700 links to this malware across a wide range of legitimate websites. These links are what make Shlayer more potent and widespread.
The attackers have managed to sway a lot of users into unknowingly downloading the malware to their systems. The UK, France, Germany, and the US have the highest number of victims. The majority of these victims are macOS users, which goes to show that macOS users are also vulnerable to malware attacks. The operators of the malware will keep targeting more systems as long as the operation keeps delivering income to them.
Malware very potent but less damaging
Cybercriminals normally take advantage of the macOS platform to sway users. They use the attack as a source of revenue, actively relying on social engineering techniques to deliver their malware to users’ systems. The recent findings by Kaspersky Lab show that the threat of malware also exists on legitimate sites.
Thankfully, macOS users can breathe a sigh of relief, because the actions of the malware are not damaging or very dangerous. The Shlayer malware only feeds illicit advertising, which is the least of users’ worries compared to the more dangerous impacts of other malware attacks. It does not corrupt files, lock out the user, or steal financial data.
Avoiding falling victim
Researchers have advised macOS users on what they should do to avoid falling victim to the attack. They have advised users to be very careful with installation and to install software only from trusted sources.
They warned macOS users to be very careful of pop-ups that ask them to download updates before allowing access to a site. To avoid giving in to such requests, users should make sure they regularly update their systems via the genuine platforms. When their systems are always on automatic updates, users can tell when a site is asking for an illegitimate update.
Apart from updating regularly, users should be very careful when clicking on links, no matter where they come from. As the researchers have discovered, some of the malware links were also seen on legitimate sites. The only way to avoid such a malware attack is to be more careful online, Kaspersky Lab stated.