“These links were not added by the cybercriminals themselves: we found that all those malicious domains had recently expired, and, judging by the WHOIS data, they now belong to a single individual. Interestingly, Kaspersky’s research team says that the boobytrapped Wikipedia footnotes were not placed there by the malware distributors themselves: Unsuspecting users might have been directed to the sites by search engines, malicious links posted in YouTube video descriptions, or even the footnotes of Wikipedia articles. Often Shlayer has been distributed via websites claiming to offer a live stream of a soccer match, software cracks, or posing as pirated episodes of popular TV shows. That means it’s possible that Kaspersky’s data is skewed because it is collated from Mac users who have chosen to run security software (and thus might consider themselves more at risk) or it might even mean that Kaspersky is actually *under-reporting* the true level of Shlayer activity because there is no insight on the computers which aren’t running an anti-virus. One caveat, of course, is that many Mac users are still not running any anti-virus. Can “one in ten macOS users” really have been attacked by Shlayer as Kaspersky claims? It feels remarkable if true.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |