Connect with us

Featured

Thousands of websites planting malware on Macs

Published

on

Shlayer, a malware Trojan family, was last year identified at least once on every 10th device using Kaspersky Solutions for Mac, making this threat the most widespread yet for macOS users. A smart malware distribution system, it spreads via a partner network, entertainment websites and even Wikipedia, demonstrating that even users that only visit legal sites still need additional protection online.

Despite macOS traditionally considered to be a much safer and secure system, there are still cybercriminals trying their luck to profit from macOS users’. Based on Kaspersky statistics, Shlayer – the most widespread macOS threat in 2019 – is a good example of that. It specialises in installation of adware – programs that terrorise users by feeding illicit ads, intercepting and gathering users’ browser queries, and modifying search results to distribute even more advertising messages.

Shlayer’s share among all attacks on macOS devices registered by Kaspersky products in January – November 2019 amounted to almost a third (29.28%), with nearly all other top 10 macOS threats being the adware that Shlayer installs: AdWare.OSX.Bnodlero, AdWare.OSX.Geonei, AdWare.OSX.Pirrit and AdWare.OSX.Cimpli. Furthermore, ever since Shlayer was first detected, its infection algorithm has hardly changed, even though its activity barely decreased, making it an especially relevant threat that users need protection from.

The infection process often consists of two phases – first the user installs Shlayer, then the malware installs a selected type of adware. Device infection however, starts with an unwitting user downloading the malicious program. In order to achieve installations, the threat actor behind Shlayer set up a malware distribution system with a number of channels leading users to download the malware.

Shlayer is offered as a way to monetise websites in a number of file partner programs, with relatively high payment for each malware installation made by American users, prompting over 1,000 ‘partner sites’ to distribute Shlayer. This scheme works as follows: a user looks for a TV series episode or a football match, and advertising landing pages redirect them to fake Flash Player update pages. From here the victim would download the malware. For each such installation, the partner who distributed links to the malware receives a pay-per-install payment.

Example of Shlayer landing page

Other schemes lead to a fake Adobe Flash update page redirecting users from various large online services with multi-million audiences, including YouTube, where links to the malicious website were included in video descriptions, and Wikipedia, where such links were hidden in the articles’ references. Users that clicked on these links would also get redirected to the Shlayer download landing pages. Kaspersky researchers found 700 domains with malicious content, links to which were placed on a variety of legitimate websites.

Wikipedia page with malicious links in description

Almost all of the websites which lead to a fake Flash Player contained content in English. This corresponds with the top countries where users have been affected by the threat – the USA (31%), Germany (14%), France (10%) and the UK (10%).

Shlayer victims’ geography, February 2018 – October 2019

“The macOS platform is a good source of revenue for cybercriminals, who are constantly looking for new ways to deceive users, and actively use social engineering techniques to spread their malware. This case demonstrates that such threats can be found even on legitimate sites. Luckily for macOS users, the most widespread threats that target macOS currently revolve around feeding illicit advertising rather than something more dangerous, such as stealing financial data. A good web security solution can protect users from threats such as these, making the experience of searching the web safe and pleasant” – says Anton Ivanov, Kaspersky security analyst.

Kaspersky solutions detect Shlayer and its artefacts with the following verdicts:

HEUR:Trojan-Downloader.OSX.Shlayer.*

not-a-virus:HEUR:AdWare.OSX.Cimpli.*

not-a-virus:AdWare.Script.SearchExt.*

not-a-virus:AdWare.Python.CimpliAds.*

not-a-virus:HEUR:AdWare.Script.MacGenerator.gen

Pages, artefacts and links for this Trojan family, as well as additional details of the findings, can be found on Securelist.com.

To reduce the risk of infection with Trojans such as Shlayer, Kaspersky recommends:

  • Installing programs and updates only from trusted sources
  • Finding out more information about the entertainment website you are planning to visit: scan its reputation on the internet and try to find feedback on it
  • Using a reliable security solution like Kaspersky Security Cloud that delivers advanced protection on Mac, as well as on PC and mobile devices

Featured

Alexa can now read all messages

For the first time, an Alexa skill is available that makes it possible to listen to any kind of message while driving

Published

on

For the first time, Alexa users can now hear all their messages and email read aloud.

Amazon’s Alexa has become a household name. The world’s most popular virtual assistant is getting smarter every day and now, with Amazon Echo Auto, it’s in cars too. 

“In today’s highly connected world, messaging in the form of emails, texts, Facebook Messenger, WhatsApp and work channels like Slack, are integral to our daily routine,” says Barrie Arnold, chief revenue officer at ping. “However, distracted driving is responsible for more than 25% of car crashes and thousands of preventable fatalities every year.” 

ping, a specialist in voice technology founded by Arnold and South African Garin Toren, has developed a new Alexa skill as a companion to its patented smartphone app, that enables any message type to be read aloud. Designed for safety, productivity and convenience, “pingloud” is the first skill of its kind for keeping users connected when they need a hand or an extra pair of eyes.

“The ping Alexa skill is specifically designed to help drivers stay off their phones while giving them exactly what they want – access to their messages.” says Toren, ping CEO. 

Opening up Alexa to developers has resulted in an explosion of new skills available either for free or for a fee that unlocks premium services or features. These tools magnify the usefulness of Alexa devices beyond common tasks like asking for the weather, playing music or requesting help on a homework assignment. According to App Annie, the most downloaded apps in 2019 were Facebook Messenger, Facebook’s main app and WhatsApp, highlighting the importance of messaging. 

“The ping Android app is available worldwide from the Google Pay Store, reading all messages out loud in 30 languages,” says Toren. “The iOS version is in global beta testing with the US launch coming very soon.” 

Once you’ve signed up for ping, it takes a few seconds to link with Alexa, enabling all messages and emails to be read aloud by a smart speaker or Echo Auto device. Simply say, “Hey Alexa, open pingloud.” ping links an account to a voice profile so unauthorised users with access to the same Alexa cannot ask for the authorised user’s messages.

All major message types are supported, including Texts/SMS, WhatsApp, Facebook Messenger, WeChat, Snapchat, Slack, Telegram, Twitter DM’s, Instagram, and all email types. Promotional and social emails are not read by default.

*For more information, visit www.pingloud.com

Continue Reading

Featured

Coronavirus to hit 5G

Published

on

Global 5G smartphone shipments are expected to reach 199 million units in 2020, after disruption caused by the coronavirus scare put a cap on sales forecasts, according to the latest research from Strategy Analytics.

Ken Hyers, Director at Strategy Analytics, said, “Global 5G smartphone shipments will grow more than tenfold from 19 million units in 2019 to 199 million in 2020. The 5G segment will be the fastest-growing part of the worldwide smartphone industry this year. Consumers want faster 5G smartphones to surf richer content, such as video or games. We forecast 5G penetration to rise from 1 percent of all smartphones shipped globally in 2019 to 15 percent of total in 2020.”

Ville-Petteri Ukonaho, Associate Director at Strategy Analytics, added, “China, United States, South Korea, Japan and Germany are by far the largest 5G smartphone markets this year. The big-five countries together will make up 9 in 10 of all 5G smartphones sold worldwide in 2020. However, other important regions, like India and Indonesia, are lagging way behind and will not be offering mass-market 5G for at least another year or two.”

Neil Mawston, Executive Director at Strategy Analytics, added, “The global 5G smartphone industry is growing quickly, but the ongoing coronavirus scare and subsequent economic slowdown will put a cap on overall 5G demand this year. The COVID-19 outbreak is currently restricting smartphone production in Asia, disrupting supply chains, and deterring consumers from visiting retail stores to buy new 5G devices in some parts of China. The first half of 2020 will be much weaker than expected for the 5G industry, but we expect a strong bounce-back in the second half of the year if the coronavirus spread is brought under control.”

Exhibit 1: Global 5G Smartphone Shipments Forecast in 2020 1

Global Smartphone Shipments (Millions of Units)20192020
5G19199
Rest of Market13941165
Total14131364
 
Global Smartphone Shipments (% of Total)20192020
5G1%15%
Rest of Market99%85%
Total100%100%

Source: Strategy Analytics

The full report, Global Handset Sales for 88 Countries & 19 Technologies, is published by the Strategy Analytics Emerging Device Technologies (EDT) service, details of which can be found here: https://tinyurl.com/wep83gc.

Continue Reading

Trending

Copyright © 2020 World Wide Worx