Ars Technica:
Almost two years have passed since the appearance of Shlayer, a piece of Mac malware that gets installed by tricking targets into installing fake Adobe Flash updates. It usually does so after promising pirated videos, which are also fake. The lure may be trite and easy to spot, but Shlayer continues to be common—so much so that it’s the number one threat encountered by users of Kaspersky Labs’ antivirus programs for macOS.
Since Shlayer first came to light in February 2018, Kaspersky Lab researchers have collected almost 32,000 different variants and identified 143 separate domains operators have used to control infected machines. The malware accounts for 30 percent of all malicious detections generated by the Kaspersky Lab’s Mac AV products. Attacks are most common against US users, who account for 31 percent of attacks Kaspersky Lab sees. Germany, with 14 percent, and France and the UK (both with 10 percent) followed. For malware using such a crude and outdated infection method, Shlayer remains surprisingly prolific.
Tell your less technically adept family and friends FLASH IS DEAD and they shouldn’t install any version of it, particularly if those family and friends visit “sketchy” websites.