Mac users are getting bombarded by laughably unsophisticated malware

For malware so trite and crude, Shlayer is surprisingly prolific.

Almost two years have passed since the appearance of Shlayer, a piece of Mac malware that gets installed by tricking targets into installing fake Adobe Flash updates. It usually does so after promising pirated videos, which are also fake. The lure may be trite and easy to spot, but Shlayer continues to be common—so much so that it’s the number one threat encountered by users of Kaspersky Labs’ antivirus programs for macOS.

....

In any event, Shlayer’s ranking is a good reason for people to remember that Flash is an antiquated browser add-on that presents more risk than benefit for the vast majority of the world. For those who must use it, they should download updates solely from https://get.adobe.com/flashplayer/.

People should never receive updates from windows that are displayed when trying to view videos or install software. The distinction can be hard for less experienced users, because Flash itself presents—or at least used to present—notifications when updates were available. People also would do well to steer clear of sites offering pirated material.

meer ...