Watch out! Trojan disguised as flash update infecting Macs
If a random Flash update pops-up on your Mac computer, better be sure that it is a notification from the official Adobe-owned program. The reason we say this is because a trojan named 'Shlayer' is spreading on macOS and disguising as a seemingly legit Flash update to get into the computers of unsuspecting users. Here's all about it.
Flash Player update installing Shlayer
As reported by Kaspersky, Shlayer has been targeting macOS users by appearing in the form of a Flash Player update. Once the user proceeds with the update (considering it an official prompt), the trojan is downloaded/installed on the system, infecting it. From there, the malware triggers adware and starts showing annoying ads on the machine of the user, even in search results.
Shlayer has been spreading online too
The Flash Player-based attack appears to be the latest vector for Shlayer, which has also been reported to be spreading via partner networks, YouTube videos, entertainment websites, and Wikipedia articles. The trojan first appeared in 2018 and has been a constant threat to macOS, making up almost 30% of all the malware strains that Kaspersky has detected on the platform.
32,000 different samples of 'Shlayer' detected
Kaspersky claims to have collected almost 32,000 different malicious samples of 'Shlayer' over the last two years. According to the antivirus provider, the operation algorithm of the malware has changed a bit since its discovery, but its activity and detections remain same as before. Additionally, the seemingly legit distribution sources make it even more difficult for users to flag/avoid it on time.
Here's what Kaspersky analyst said about Shlayer
"This case demonstrates that such [adware-based] threats can be found even on legitimate sites," Anton Ivanov, Kaspersky Security Analyst, said in a statement, adding that currently "the most widespread threats that target macOS currently revolve around feeding illicit advertising" rather than things like financial theft.
Antivirus protection is the key to dodge these attacks
As such attacks are hard to flag, one needs to have a reliable online security solution, like Kaspersky or Quick Heal, on their computer. The program will detect most, if not all, potential threats, keeping your browsing experience safer and pleasant. Plus, try to avoid downloading unknown platforms without being sure of where they are coming from.