Category: IT|Jun 26, 2020 | Author: Admin

New Shlayer Trojan Variant Threatens Mac Devices As It Bypasses macOS Security

Share on

Heads up Mac users. A new Mac malware has surfaced online that can infect your device sneakily. This new malware is a variant of the previously discovered Shlayer Trojan for Mac.

macOS.jpg

Heads up Mac users. A new Mac malware has surfaced online that can infect your device sneakily. This new malware is a variant of the previously discovered Shlayer Trojan for Mac.
Shlayer Trojan Malware Variant Found Researchers from Intego have found a new malware targeting Mac device. Identified as Shlayer variant, this Mac malware is active in the wild aiming at Apple users.

Sharing the details in a post, the researchers explained that this malware is robust enough to bypass the macOS built-in security. Moreover, it also strives to remain under the radar as it escapes antivirus detection. Briefly, the attackers have deployed various malicious websites on the internet.

Clicking any of these links can then trigger the attack. It begins with a prompt showing a fake Adobe Flash Player installer which is actually a Trojan on .dmg disk image. Following the download, the disk image will show up the instructions for installation, following which launches the ‘installer app’.

This installer then executes the malware in the background that keeps hidden. Whereas, it also downloads the legit Adobe Flash Player as well to trick the user. All of this happens within a few seconds giving no hint to the user about the malware. Since the malicious Mac app comes within a password-protected .zip file which is further hidden within a bash shell script, the malware evades antivirus detection.

This Mac app can then communicate with the C&C servers to download and install other malware. Although, the threat actors behind this campaign haven’t bothered to get an Apple Developer Account. However, they still manage to bypass macOS Catalina security prompt as they direct the users to open the app after right-clicking on the file. In this way, the warning prompt still gives an option for the user to open the app.

Hence, the victim is likely to install the malware. Malicious Links Present In Google Search Results What makes this campaign dangerous for the users is that the malicious websites distributing the links easily appear on Google Search results. Though, according to the researchers, this has been happening for almost a decade.


This is far from the first time that search engine results have led to in-browser fake dialog boxes and malicious downloads; this has been happening for more than a decade.

This isn’t specific to Google only, rather any search engine may face such issues.
Though, the search engines may work vigilantly to keep such malicious links out of the search results. As for the users, this campaign is nothing more than a reminder about how they should browse the internet.
Not every link appearing in Google Search results is reliable. Hence, users should never use any untrusted web links to download any software. Let us know your thoughts in the comments.

 

Sponsored Ads:

Comments:


Fiber.jpg

'Massive' transatlantic data cable landed on beach in Bude

Category: Google|Sep 17, 2021 | Author: Admin
Discord.png

YouTube shuts down Discord music bot ‘Rythm’

Category: Google|Sep 16, 2021 | Author: Admin
Facebook.webp

Facebook's secret rules differentiate between the "elite" and most people

Category: General|Sep 15, 2021 | Author: Admin
Apple.webp

Apple suddenly had to crisis-update the iPhone and Mac

Category: Apple|Sep 14, 2021 | Author: Admin
Epic.webp

Epic is blocked forever on all Apple platforms

Category: Apple|Sep 13, 2021 | Author: Admin
Desktop-Screenshot.png

NVIDIA To Launch GeForce RTX 30 SUPER ‘Ampere Refresh’ In January 2022, GeForce RTX 40 ‘Ada Lovelace’ GPUs in October 2022

Category: General|Sep 12, 2021 | Author: Admin
chrome-os-secret-weapon-100856418-large.jpg

3 smart shortcuts for a curiously hidden Chrome OS command

Category: Google|Sep 11, 2021 | Author: Admin
sunset-gold-iphone-13-render.png

iPhone 13 unveiled in Ukraine

Category: Apple|Sep 10, 2021 | Author: Admin
iCloud.jpg

Apple brings iCloud passwords to Windows, Microsoft's Edge

Category: Apple|Sep 9, 2021 | Author: Admin
AI.webp

AI will determine if you are allowed to drive

Category: General|Sep 8, 2021 | Author: Admin
TPM.png

The game is now blocking unsupported Windows 11 machines

Category: IT|Sep 7, 2021 | Author: Admin
Tech.png

US court rejects patent applications from AIs

Category: General|Sep 6, 2021 | Author: Admin
black.png

Facebook apologizes: their AI tagged video of black men as 'Primates'

Category: General|Sep 5, 2021 | Author: Admin
Apple.png

Apple postpones abuse monitoring after massive criticism

Category: Apple|Sep 4, 2021 | Author: Admin
Microsoft.png

If you do not have a supported machine, you will be thrown out of the Windows 11 testing

Category: Microsoft|Sep 3, 2021 | Author: Admin
more