Malware has evolved over the years and we have seen quite a few for Mac as well. One might think that only advanced malware is capable of targeting users, however, this is not the case. A seemingly simple malware that tricks macOS users into downloading and installing malicious software is one of the most widespread macOS malware.
A Report by Kaspersky Lab says that the malware has successfully targeted one in ten macOS users and generates revenue with the help of pop-up advertisements and links. The malware in question is called Shlayer and was first seen in 2018 and now two years later it has spread its tentacles.
Shlayer typically poses as flash updates and is found on many websites. The malware is rampant on websites that offer free movies, music downloads. The website asks you to install the flash update so that you can watch the movie or any content. However, it is nothing but malware in disguise. The worst part is that Shlayer is also being distributed via legit sites by redirecting to websites that can download the malware into Apple systems. According to researchers, as many as 700 legit websites have links directing to the malicious domain.
The macOS platform is a good source of revenue for cybercriminals, who are constantly looking for new ways to deceive users, and actively use social engineering techniques to spread their malware. This case demonstrates that such threats can be found even on legitimate sites.
On the brighter side, the malware is not involved in taking control of your computer or stealing financial data. It feeds off by displaying advertisements and earning revenue. One of the best ways to avoid malware is to download apps from official sources and think twice before installing a new piece of software or update from any website.[via Kaspersky Lab]