A new malware was discovered that uses Google Search results to attack Mac users, avoiding macOS Catalina protections. According to Screenrant's latest report, the new hacking technique is a novel approach to spread the malware, disguising itself as an update, making it undetectable from the majority of antivirus programs.
Also Read: [HACKERS] Bitcoin Developer Admits Hacking Big Bitcoin Address; John Cantrell Reveals How He Did It
Also Read: Google Chrome Removed Malicious Extensions Used in Payrolls, Emails, and Other Sensitive Functions
According to the report, Apple's security measures are bypassed by malicious software developers using Google search results to target Mac users, which goes completely undetected by most virus scanning software and apps. One of the most common ways to deploy malware is using flash player download prompts.
The company confirmed that Adobe Flash Player will be out after announcing that it would stop updating the software in 2020. It was also reported that the software is rarely used in web design these days, pushing most browsers to remove it.
However, the report claimed that most people assume that they need it since it was such an integral part of the internet for so long. To get more machines onboard, malware makers capitalize on people's need for the software, frequently disguising dangerous files as Flash updates.
Google Searches can be used by a new Mac malware
According to Screenrant, cyber attackers are prompting Mac users to install fake Flash updates using Google search results. A detailed report of the new attack method was posted by Intego, a digital security software company.
According to Intego's report, users are redirected through multiple sites once they click the links produced by Google search results when they used the exact titles of some YoutTube videos. The users are then directed to a page that requires them to update their Flash player.
The digital software company also said that Google could not stop the attack on its own since it is a novel approach that hides the fake Flash download in Google search results. Most websites can adjust their content accordingly when they're being scanned for malicious content by a search engine.
The usual Apple pop-up that informs a user regarding possible harmful downloads can ignore the warning since it doesn't have a button to open the file, making the prompt itself also a large part of the attack. However, a different dialog box that does have an "Open" button is created since the fake Flash updates instruct the user to right-click on the download link.
The users are only one step away from accessing the malware, although Apple provides a fine print with a warning stating that the link could be unsafe. The report warned that the users today should be more suspicious of any site that requires them to have a Flash update to view a website.
Right now, the amount of important, safe, and legitimate websites relying on Flash update is very low. Users are also not required by video platforms, social media platforms, and mainstream entertainment platforms to have a Flash update.