“The malicious ads lure users into updating their Adobe Flash players — but that update is really a downloader called Shlayer that opens up the Mac to even more malware,” Wagenseil reports. “To evade malware screeners, the ads first load normally, but then draw in malicious content from a Firebase, a Google-hosted online data repository designed for mobile-app makers.”
“The million machines exposed weren’t necessarily infected. Their users just all had a malicious ad load in a browser window,” Wagenseil reports. “The user would still have to click on the ad, and then click again to authorize the installation of the Flash Player ‘update’ to become infected.”
Read more in the full article here.
MacDailyNews Take: If you’re stuck having to use Adobe’s shiteous Flash player, use their official Flash update page, never a random pop-up window, here: https://get.adobe.com/flashplayer/