Researchers recently detected a new wave of Mac malware that is spreading via poisoned Google search results.
This malware is quite tricky: it steers victims so that they disregard Apple's built-in macOS security protections.
The malware also uses sneaky tactics to evade antivirus detection. According to the security firm Intego, this is a new variant of the Shlayer malware, which has been causing trouble for macOS users.
Kaspersky estimated that Shlayer was responsible for 30% of all Mac malware attacks in 2019. The malware poses as an Adobe Flash Player installer, but it has its own features: once downloaded, it takes a crafty route to infection, all in the name of avoiding detection.
Mac Malware Shlayer
Intego classifies the new malware as distinct, new variants of OSX/Shlayer; the initial variant was first identified by Intego in 2018. This OSX/Bundlore shows various similarities to previous versions of OSX/MacOffers and Mughthesec/BundleMeUp/Adload.
Shlayer arrives as a file that appears to be an update for a modern media player, but when launched it instead runs scripts that download other unwanted applications onto the infected computer.
The new version is delivered as a Trojan horse application on a .dmg disk image, masquerading as an Adobe Flash Player installer. It spreads through Google search results that redirect users to malicious webpages claiming that the browser's Flash Player is out of date.
Mac Malware Shlayer spreading like wildfire
According to Intego's report, this malware is spreading via Google search results: users searching Google for YouTube videos are diverted to malicious webpages. If the user clicks on a malicious search result, it takes them to a page showing a notice that Flash Player needs to be updated.
The threat actors use fake dialog boxes to fool users into downloading the "updated" version of Flash, which is actually malware.
Intego has informed Google about this malware and says that its antivirus is capable of catching it. Intego advises users not to update or install Adobe Flash Player, especially when a webpage tells you to do so. Flash is becoming obsolete, and not many websites use it anymore.
How to Remove this Malware?
According to Intego, this malware can be identified and eliminated with its new application, Intego VirusBarrier X9, combined with Intego's Mac Premium Bundle X9.
Every search engine faces challenges in trying to stop poisoned search results that lead to malware. Google claims that it will protect users from new threats; still, Intego stated that very few of the antivirus scanning tools on VirusTotal can detect this new Shlayer variant.