"A new Mac Malware Dubbed Tarmac has Been Distributed via Malvertising Campaigns"
It has been discovered that malvertising campaigns are distributing MacOS malware combining both Shlayer and Tarmac malware. The malvertising campaigns have targeted users located in the US, Italy, and Japan. When a user clicks on a malicious ad, the ad then redirects the victim to sites showing popups peddling software updates, mainly Adobe Flash Player updates, that once executed will install first the OSX/Shlayer MacOS malware, which then execute the final payload, the OSX/Tarmac. Tarmac acts as a second-stage payload for the Shlayer infection.
Submitted by Anonymous
on