Kaspersky’s comment : Apple accidentally authenticates Shlayer malware disguised as Adobe Flash Player update
September 2020 by Kaspersky
In January 2020, Shlayer has been designated by Kaspersky as the most widespread macOS threat. Kaspersky shared a dedicated analysis on this malware: https://securelist.com/shlayer-for-...
“In 2019 we prevented attacks carried out by Shlayer on at least one in every 10th device using Kaspersky Solutions for Mac. It is important to note that while Shlayer is a Trojan, which specializes in the installation of adware, it is possible to use the malware for many other purposes” said Anton V. Ivanov, Security Expert at Kaspersky.
“Shlayer is notorious for its smart distribution system, which includes spreading via a partner network and entertainment websites – we previously found over 700 different domains that hosted this malware. Given this and the scale of the Shlayer campaigns, it is no surprise that cybercriminals are working on expanding the distribution channels for this malware.
Fake Adobe Flash updates are a common way to distribute the malware. It is worth remembering that Adobe Flash player is hardly used anymore, and new updates of this program are often masked attacks. We also advise users to always check the legitimacy of the website providing the download and, beyond that, to have a reliable security solution installed on their devices”.