In 2019 Kaspersky prevented attacks carried out by Shlayer. Shlayer is the most widespread om macOS that at least once on every 10th device is using Kasperky solution for Mac. The Shlayer spreads via a pattern network, entertainment websites and even from Wikipedia. It proves that users even visiting the legal websites still need additional protection.
What is Shlayer?
Shlayer is a trojan-type virus designed to proliferate various adware/potentially unwanted applications (PUAs) and promote fake search engines. It is typically disguised as an Adobe Flash Player installer and several software cracking tools.
In most cases, users encounter this virus when visiting suspicious torrent websites that are full of intrusive advertisements and deceptive downloads.
How the virus spreads?
As mentioned above, Shlayer spreads using torrent websites. It specializes in the installation of adware-programs that terrorize used by feeding malicious ads. The infection process consists of two phases. First, the user accidentally installs Shlayer, then the virus installs a selected type of adware.
From January – November 2019, the Shlayer’s share amounted to almost a third (29.28 percent), with nearly all other top 10 macOS threats being the adware that Shlayer installs: AdWare.OSX.Bnodlero, AdWare. OSX.Geonei, AdWare.OSX.Pirrit and AdWare.OSX.Cimpli.
Top countries affected by Shlayer
According to the reports from Kaspersky, the virus affected many peoples around the globe. However, Indians are among the most affected by macOS malware.
The top countries where have been affected by the threat include the US (31 percent), India (18.9 percent), Germany (14 percent), France (10 percent) and the UK (10 percent).
Anton Ivanov, Kaspersky Security Analyst Says:
The macOS platform is a good source of revenue for cybercriminals, who are constantly looking for new ways to deceive users, and actively use social engineering techniques to spread their malware. This case demonstrates that such threats can be found even on legitimate sites
Furthermore, ever since the virus was first detected, its algorithm has hardly changed, even though it actively barely decreased. This makes it an especially relevant threat that users need to be protected from.
How to be safe from these types of viruses
To keep yourself safe from these types of viruses, be cautious when browsing the internet and downloading, installing and updating the software.
Always remember that intrusive advertisements typically seem legitimate. However, once you clicked you’ll be redirected to dubious websites such as gambling, adult dating and similar.
So, don’t stumble upon these fake pages. Always download and update the software from the official source only.
