Apple approves OSX.Shlayer malware
September 2020 by Anton V. Ivanov, security expert at Kaspersky
Following this week’s news that Apple accidentally approved one of the most popular Mac malware threats, OSX.Shlayer, as part of its security notarisation process, Anton V. Ivanov, security expert at Kaspersky, comments:
According to our telemetry, Shlayer is the most widespread macOS threat of 2019 – last year we prevented attacks carried out by Shlayer on at least one in every 10 devices using Kaspersky Solutions for Mac. It is important to note that while Shlayer is a Trojan that specializes in the installation of adware, it is possible to use the malware for many other purposes.
Shlayer is notorious for its smart distribution system, which includes spreading via a partner network and entertainment websites – we previously found over 700 different domains that hosted this malware. Given this and the scale of the Shlayer campaigns, it is no surprise that cybercriminals are working on expanding the distribution channels for this malware.
Fake Adobe Flash updates are a common way to distribute the malware. It is worth remembering that Adobe Flash Player is hardly used anymore, and new updates of this program are often masked attacks. We also advise users to always check the legitimacy of the website providing the download and, beyond that, to have a reliable security solution installed on their devices.