Although macOS is traditionally viewed as a safe and secure operating system, cybercriminals are still trying to take advantage of macOS users, according to new research from Kaspersky that found Shlayer malware to be the most common macOS threat in the world. 39; last year. The malware itself specializes in installing adware on users' devices, which feeds illicit advertisements, intercepts and collects requests from users' browsers, and modifies search results to deliver even more advertising messages. . Between January and November of last year, Shlayer's share of all attacks on macOS devices reported by Kaspersky products was 29,28%, and almost all of the other top 10 macOS threats came from adware installed by malware, including AdWare. .OSX.Bnodlero, AdWare.OSX .Geonei, AdWare.OSX.Pirrit and AdWare.OSX.Cimpli. Since Shlayer's first detection, its infection algorithm has hardly changed, even though its activity has barely decreased, making it a particularly relevant threat that macOS users should be aware of.
Shlayer Malware
The Shlayer infection process often consists of two phases: a user first installs the malware and then installs a selected type of adware. However, device infection begins with a user downloading malware, and the cybercriminals behind Shlayer have created a multi-channel malware distribution system to increase the chances of malware being installed. Shlayer is offered as a way to monetize websites through a number of file partner programs that provide relatively high pay-per-install malware by US users. Currently, more than 1,000 partner sites are used to distribute malware. The scheme starts when a user searches for a TV series or sports game and the ad landing pages redirect them to fake Flash Player update pages where Shlayer can be downloaded. However, other systems redirect users to these fake update pages from popular online services, including YouTube, where links to these malicious sites are included in the video description, and Wikipedia, where the links are hidden in the video's references. article. Kaspersky security analyst Anton Ivanov explained why cybercriminals continue to target macOS users in a press release, saying: "The macOS platform is a good source of income for cybercriminals, who are constantly looking for new ways to deceive users and actively use social engineering techniques to spread their malware". This case shows that such threats can be found even on legitimate sites. Fortunately for macOS users, the most common threats targeting macOS these days revolve around the delivery of illicit advertising, rather than something more dangerous, like financial data theft. A good web security solution can protect users from such threats, making the web browsing experience safe and enjoyable. "To avoid falling victim to Shlayer, the security company recommends installing programs and updates only from trusted sources, carefully researching the entertainment websites from which you plan to watch content, and using an Internet security suite for additional protection.