Quick to quell any rebellion regarding its business practices, Apple seems much less conscientious when it comes to monitoring the programs and updates disseminated through its services. The controllers of the Apple has accidentally let the most endemic malware on its macOS platforms, Shlayer, disguised as an Adobe Flash update. The malware was named earlier this year by Kaspersky as the most prevalent macOS threat of 2019 and published a report devoted exclusively to this malware: https://securelist.com/shlayer-for-macos/95724/.
Here is what he wrote in his report last January: “For almost two years now, the Shlayer Trojan has been the most common threat on the macOS platform. In 2019, one in ten Mac security solutions detected this malware at least once, and it accounts for almost 30% of all detections for this operating system. The first specimens of this family fell into our hands in February 2018, and we have since collected nearly 32,000 different samples of this malicious Trojan and identified 143 C&C server domains ”.
An intelligent distribution system
Shlayer is a Trojan horse malware that opens a back door to download and install adware. However, it may be used for much more nefarious purposes than a simple advertising invasion. In the lifecycle of malware, distribution modes are an important part of which Shlayer’s cybercriminals seem to have put a lot of effort into.
“Shlayer is known for its smart distribution system,” says Kaspersky, which includes distribution through a partner network and entertainment websites – we previously found over 700 different domains that hosted this malware. Given this and the scale of Shlayer’s campaigns, it is no surprise that cybercriminals are trying to expand the distribution channels for this malware ”.
:quality(80)/cdn-kiosk-api.telegraaf.nl/6317d7b2-eda8-11ea-9ed8-02c309bc01c1.jpg?resize=150%2C150&ssl=1)
