Malicious software called Shlayer first appeared in early 2018 and is mainly used to install malicious software on user systems to generate revenue from pop-up ads and links that are displayed continuously in his browser. victim.
Two years after its release, researchers at Kaspersky Labs It is said to have affected about 1 in 10 Mac users so it is considered the most common malware for macOS.
The basic method of distributing Shlayer is through Flash updates that have infiltrated thousands of sites.
It is often found on sites that allow users to watch illegal TV shows and sports events - and often ask the user to download a fake update Flash, to track their selected content. This allows the Shlayer to spread.
Malware is also distributed through legitimate sites, with links downloading the malware to its user systems Apple. Researchers have uncovered 700 different ones domain linked to a variety of legitimate sites.
Victims of this malware have dropped macOS users around the world, but most have been identified on USA, The Germany, The France and the United Kingdom. Meanwhile, the trojan shows no sign of slowing down while still generating revenue for operators.
In addition, it is clear that the macOS operating system is not as intact as the company claims.
"The macOS platform is a good source of income for cybercriminals who are constantly looking for new ways to deceive users and use social engineering techniques to spread their malware," said Anton Ivanov, security analyst at Kaspersky Lab.
To avoid falling victim to Shlayer and other malware, the researchers recommend that users install only software and updates from trusted sources.