Apple Mac users, beware of this new malware that installs spyware on your macOS PC/laptop while you surf Google
You all know Apple provides the best security for its products and updates them with the latest security patches as they become available. You must have seen plenty of malware delivered from malicious websites, but have you ever thought about attackers who can compromise your macOS system using Google search results? Researchers have found that hackers have introduced a new way to install unwanted files that can spy on your macOS machine.
Security researchers discovered new Mac malware, Shlayer, spreading through poisoned Google search results. The malware is distributed disguised as a fake Adobe Flash Player installer (.DMG disk image). The malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal.
Researchers from Intego said the newly updated Shlayer malware is delivered as a Trojan horse file (.DMG disk image) masquerading as Adobe Flash Player. Once the user opens the malicious Flash Player image on a Mac, it is mounted and displays instructions on how to install it. “The instructions tell users to first “right-click” on the flash installer and select Open, and then to click Open in the resulting dialog box,”
When the user grants all the permissions requested while installing the Flash Player, a bash shell script executes, opening Terminal. The malicious file downloads the legitimate Adobe Flash Player, which easily fools users. In the background, the bash script extracts a password-protected .zip archive that contains a malicious app bundle and stores the malicious app in a hidden temporary folder.
“The developers’ decision to hide the Mac .app within a password-protected .zip file, and to hide that within a bash shell script, is a novel idea—and it is also extremely clear evidence that the developers are trying to evade detection by antivirus software.”
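A defender can triage a suspect installer for the combination described above: a shell script where a Mac executable is expected, carrying an embedded encrypted ZIP. The following Python check is an added example, not Intego's tooling or code from the original article; it assumes the archive sits as raw bytes inside the script file, and the function names and sample input are constructed for illustration.

```python
import struct

# ZIP local file header: signature, version, flags, method, time, date,
# crc32, compressed size, uncompressed size, name length, extra length.
LOCAL_HDR = struct.Struct("<4sHHHHHIIIHH")
ZIP_MAGIC = b"PK\x03\x04"
SHELLS = (b"sh", b"bash", b"zsh")

def is_shell_script(data: bytes) -> bool:
    """True when the file starts with a shebang that names a shell."""
    if not data.startswith(b"#!"):
        return False
    words = data.split(b"\n", 1)[0][2:].split()
    # Covers both '#!/bin/bash' and '#!/usr/bin/env bash'.
    return any(w.rsplit(b"/", 1)[-1] in SHELLS for w in words)

def embedded_zip_entries(data: bytes) -> list:
    """Return (offset, name, encrypted) for every ZIP local header in data."""
    found, pos = [], data.find(ZIP_MAGIC)
    while pos != -1:
        if pos + LOCAL_HDR.size <= len(data):
            fields = LOCAL_HDR.unpack_from(data, pos)
            flags, name_len = fields[2], fields[9]
            start = pos + LOCAL_HDR.size
            name = data[start:start + name_len].decode("utf-8", "replace")
            found.append((pos, name, bool(flags & 0x1)))  # bit 0: encrypted
        pos = data.find(ZIP_MAGIC, pos + 4)
    return found

def triage(data: bytes) -> dict:
    """Summarise whether data is a shell script hiding an encrypted archive."""
    entries = embedded_zip_entries(data)
    encrypted = [name for _, name, enc in entries if enc]
    script = is_shell_script(data)
    return {"shell_script": script, "embedded_zip": bool(entries),
            "encrypted_entries": encrypted,
            "suspicious": script and bool(encrypted)}

def constructed_sample(encrypted: bool) -> bytes:
    """Constructed test input: harmless script text plus one ZIP header."""
    name = b"Sample.app/Contents/MacOS/Sample"  # made-up entry name
    hdr = LOCAL_HDR.pack(ZIP_MAGIC, 20, 0x1 if encrypted else 0, 8, 0, 0,
                         0, 4, 4, len(name), 0)
    return b"#!/bin/bash\necho 'installer stub'\n" + hdr + name + b"\x00" * 4

if __name__ == "__main__":
    print(triage(constructed_sample(encrypted=True)))
```

On a real sample, pass the bytes of the file inside the bundle's `Contents/MacOS/` directory to `triage()`; a genuine Mac application has a Mach-O binary there, so `shell_script` would be false.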
Shlayer is believed to be the most widespread macOS threat. Earlier this February, Carbon Black researchers spotted new Shlayer malware targeting macOS versions 10.10.5 up to 10.14.3. Adobe has already announced that it will stop distributing and updating Flash Player after 31 December 2020 (“EOL Date”).
It is suggested that Mac users avoid installing Flash Player, as no solution for this malware attack has been found yet.