A single malvertising Trojan conducted nearly 30% of all Mac malware attacks spotted last year by Kaspersky antivirus software, Kaspersky researchers said (opens in new tab) today (Jan. 23) in an official blog post.
We've written about the Shlayer Mac Trojan before, but it shows little sign of going away. One out of every 10 Macs running Kaspersky antivirus software for Macs encountered Shlayer, the company said in a press release.
Of the top 10 most prevalent Mac threats encountered by Mac users, most were adware that Shlayer itself downloads and installs in secondary infections.
Links to Shlayer-infected pages are showing up in user-posted content on YouTube and Wikipedia, the Kaspersky researchers write, often because the owners of one-legitimate sites let the registrations lapse and criminals snatch them up.
Sports and video-streaming fans are especially susceptible, because Shlayer often masquerades as Adobe Flash Player or other video software. Shlayer also pops up in malicious online ads.
If you get infected by Shlayer, you'll see many more ads pop up on your screen, some of which will tell you that you're infected and need to buy (bogus) antivirus software. Your search results may be hijacked by strange search engines, and your browsing habits may be tracked by even more people than usual.
The silver lining, if there is one, is that Shlayer, despite being malware itself, is for now only interested in propagating adware, which is more annoying than harmful. But it could easily flip a switch and start installing truly dangerous Mac malware.
To avoid infection by Shlayer or any kind of Mac malware, be sure you're running some of the best Mac antivirus software.
If you're presented with a dialogue box insisting that you need to update Adobe Flash Player, go to the official Adobe page at https://get.adobe.com/flashplayer/ (opens in new tab) instead. If you're asked to install some random video player you've never heard of, don't do it.