Digital chain. Blockchain technology concept. 3D illustration.

macOS secure the Apple operating system?

Το 2019, η Kaspersky εμπόδισε που πραγματοποιήθηκαν από το Shlayer, μία κακόβουλη οικογένεια Trojan, τουλάχιστον στο 10% των συσκευών που χρησιμοποιούν Kaspersky for Mac protection, making this threat the most prevalent for MacOS users. A clever malware distribution system spreads through a network of affiliates, entertainment websites and even Wikipedia, proving that even users who only visit legitimate sites still need extra protection when online.

Although macOS has traditionally been considered a much more secure system, there are still digital criminals trying to take advantage of users of this software. Based on Kaspersky statistics, Shlayer is a good example. Specializes in installation adware – programs that terrorize users by distributing illegal ads, eavesdropping and gathering users' browser searches, modifying results s for the distribution of even more commercials . Shlayer's share of all attacks on macOS devices recorded by Kaspersky products in the period January-November 2019 amounted to almost 1/3 (29,28%).

Η διαδικασία “μόλυνσης” αποτελείται συχνά από φάσεις – πρώτα ο χρήστης εγκαθιστά το Shlayer και έπειτα το installs a selected type of adware. However, the "infection" of the device starts with an unsuspecting user who downloads the malicious program. To gain access, the malicious player behind Shlayer has set up a malware distribution system with a number of channels that lead users to "download" the malware.

shlayer is offered as a way to monetize websites through various affiliate advertising programs, with a relatively high for every malware installation made by US users, with more than 1.000 "partner sites" distributing shlayer.

This scheme works as follows: a user searches for a TV series episode or a football match and the ad pages redirect them to fake Flash Player update pages. From here the victim will "download" the malware. Thus, the partner who distributes links to the malware receives payment for each installation.

MacOS
Example of central Shlayer's

Other systems lead to a fake Adobe Flash update page that redirects users from various major online services visited by millions of users, including YouTube, where links redirected to the malicious site were included in the video descriptions, and Wikipedia, where such links were hidden in the article references.

Users clicking on these links were also redirected to the main Shlayer download pages. Kaspersky's researchers found 700 malicious domains, links to which were found on various legitimate websites.

YouTube video and Wikipedia page with malicious links in the description

Almost all websites that lead to a fake Flash Player had content in English, with the USA (31%), Germany (14%), France (10%) and the United Kingdom (10%) being the countries that received the most attacks.

MacOS
The victims of Shlayer during the period February 2018 - October 2019

“The macOS platform is a good source of revenue for cybercriminals, who are constantly looking for new ways to trick users, and heavily use social engineering techniques to spread their malware. This case demonstrates that such threats can be found even on legitimate websites. Fortunately for macOS users, the most prevalent threats targeting macOS currently revolve around the distribution of illegal ads rather than something more dangerous like financial theft . A good online security solution can protect users from threats like these, making the experience of browsing the web safe and enjoyable," said Anton Ivanov, security analyst at Kaspersky.

To reduce the risk of "infection" with Trojans such as Shlayer, Kaspersky recommends:

  • Install programs and updates only from trusted sources.
  • For more information on the entertainment site you plan to visit:
  • Scan his name online and try to find comments about it.
  • Use a reliable security solution that provides advanced protection for Macs as well as PCs and laptops.

More information can be found at special website Securelist.com.

iGuRu.gr The Best Technology Site in Greecefgns

every post, directly to your

Join the 2.100 registrants.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).