One million Macs exposed to malvertising scam

“A malvertising campaign has been targeting Macs since at least mid-January, with at least a million machines exposed, security firm Confiant said in a blog posting this week,” Paul Wagenseil reports for Tom’s Guide.

“The malicious ads lure users into updating their Adobe Flash players — but that update is really a downloader called Shlayer that opens up the Mac to even more malware,” Wagenseil reports. “To evade malware screeners, the ads first load normally, but then draw in malicious content from a Firebase, a Google-hosted online data repository designed for mobile-app makers.”

“The million machines exposed weren’t necessarily infected. Their users just all had a malicious ad load in a browser window,” Wagenseil reports. “The user would still have to click on the ad, and then click again to authorize the installation of the Flash Player ‘update’ to become infected.”

Read more in the full article here.

MacDailyNews Take: If you’re stuck having to use Adobe’s shiteous Flash player, use their official Flash update page, never a random pop-up window, here: https://get.adobe.com/flashplayer/

27 Comments

  1. The golden rule is never click on a link to update or install software. Even if Adobe prompts me to update my software I go through their website or the app itself to update.

  2. “The user would still have to click on the ad, and then click again to authorize the installation of the Flash Player ‘update’ to become infected.”

    If you ever click on an advertisement, then click again on a request to authorize the installation of any software, and then enter your admin credentials to allow the installation to proceed, then you deserve what you get. It is called “personal responsibility” and it comes with consequences.

    1. I agree with a lot of what you write, KingMel, but not this.

      A blanket invoking of “personal responsibility” just doesn’t fly when SO many people are SO abysmally ignorant. Many clients I’ve had over the years can barely turn on their computer. No-one has ever told them. They don’t know that there is anything to know.

      How can those people get educated? I certainly don’t know that. Maybe every computer should warn people about a few basic things not to do when it boots!? Then they can turn off the warning, once it has penetrated their brain.

      1. You are welcome to disagree with me, Sean. But I would like to provide supporting evidence for your consideration.

        Apple configures modern Macs to make it difficult to install software from untrusted sources. You have to acknowledge warnings and enter an admin name and password to install the software. At that point, personal responsibility applies. Apple put those warnings in place and made it the default. You can override the warnings or even alter your macOS configuration to eliminate them. But they are there and you have to work to get past them. Anyone who has the authority to do that without the judgment to apply it is dangerous to themselves and others.

      2. I would also like to add that ignorance is a curable condition. It can take a bit of work, but the resources are freely available. Therefore, willful ignorance (typically the result of apathy) is no excuse.

        The people that fall victim to these scams empower and enrich the scammers. That puts others in greater danger as the scammers leverage those additional resources to improve their techniques. I do not appreciate that in the least.

    2. Mel, i agree with the personal responsibility ideal. But as the platform developer, why isn’t Apple taking a proactive approach to eliminate all security risks? Apple has done absolutely nothing in the last several years except roll out a weak MS imitation Gatekeeper nag. Its macOS store is poorly implemented and will never be the preferred distribution method for many significant software makers. Can’t Apple admit this and start rooting out malware distribution outside its walled garden?

      Do we honestly believe that Apple has no responsibility to make its premier OS capable of identifying trojans and malware ?

      1. Fair enough. I did not and will not deny that Apple needs to continue to strive to improve Mac security. I happen to think that your portrayal of Apple’s efforts is unreasonably disparaging. Apple has done a lot to try to help users avoid malware without locking down macOS entirely (and enraging many in the process). Cops summers are able to do many stupid things with the products that they purchase – cars, microwave ovens, medication, etc. Hold those companies to a similar degree of scrutiny and judgment and I will look even more favorably upon your comments.

        Apple needs to improve. But I hope that you do not expect Apple to save consumers from themselves. Personal responsibility is the price of maintaining freedom. People no longer have to grow their own food. People no longer need to hunt and butcher their own meat. People no longer have to build their own houses. People have the time to learn how to safely operate a computer.

  3. When is Adobe going to do the world a favor and just stop distributing the software and kill any app that makes Flash Content? There is probably more to it, but its long overdue that Flash should just disappear..

    1. Calm down bro.

      Adobe don’t even know what to do in our modern world beside taking their users in an hostage plan. I had to take their plan for a year, I had project going on and needed to go with their latest CC because of a smartass consultant from client side. After that, I didn’t renew, will never renew. Adobe is sending me the big 40% discount for a year. That is where Adobe has its interest.

      I now have replace Adobe with Affinity products and Apple FCP, Motion and Compressor. Will never go back!

  4. that popped up on my iMac once and I said “that’s BS” and closed that window. It was so blatantly phishing that I almost contacted Apple security.

    As people have said above, go through your normal procedures to update ALL software ESPECIALLY Adobe garbage software. With flash, it is turned off, but when I really, really need it I go to abode directly and update. I wish it would go away.

    I love using my iMac, but the two BIGGEST pains in the rear end are 1) dealing with bs flash and 2) Microsoft’s incessant “updating office” that I have on my Mac for work. What is it every week they update? What a pain.

  5. Apple locking down the Mac? macOS 10.15 said to require a developer ID certificate

    Welcome to the future of more and more locked down systems.

    Most people can’t handle the security of PC’s and that’s why there are a million Mac’s that have this problem. My last job was with a non-profit association. Part of my job was the repair of members PC’s which for the most part meant cleaning malware off their systems.

    Managing their computer was having 3500 files in their download folder. 15 copies of various programs downloaded. Numerous copies of other files. 5 or 6 optimization programs or registry cleaners. 4 different expired virus and malware checkers none of which stopped them from giving that website permission to install the latest fix-it program with its malware load.

    The future is more and more locked down systems.

  6. The owner of the device holds the key to Rights Management and Gatekeeper.

    Apple holds the key to the App Store and iTunes. Apple can go eff themselves. See…? Simple!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.