Shlayer Mac Malware Returns with Extra Sneakiness

2020-06-17 17:44

A fresh variant of the Shlayer Mac OSX malware with advanced stealth capabilities has been spotted in the wild, actively using poisoned Google search results in order to find its victims.

"Unlike typical Windows PCs, there is no obvious right-side button on Apple mice and trackpads. Therefore, novice Mac users may not know how to do the Mac equivalent of a right-click, and therefore may not understand how to run the malware installer script."

The hidden malware can from there lurk on the machine, ready to download any other Mac malware or adware package from a command-and-control server, whenever the operators feel like it.

Shalyer last year made its way to the top of the heap when it comes to Mac's most common threat - It made up 29 percent of all attacks on macOS devices in Kaspersky's telemetry for 2019, making it the No. 1 Mac malware threat for the year.

For this specific malware campaign, it remains unclear how many sites are offering the malware and how many varieties of search results are poisoned, Intego said, especially since the malware is brand-new: As of Friday, the new malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal, researchers found.

News URL

https://threatpost.com/shlayer-mac-malware-extra-sneakiness/156669/

#MAC #malware