SecureMac, Inc.

Are Adware and PUPs Really Harmless?

March 10, 2020

Mac malware is largely made up of adware and Potentially Unwanted Programs (PUPs) — and these are often regarded as nuisances rather than true dangers.

Are Adware and PUPs Really Harmless?

New research has found that Mac malware threats are becoming more prevalent than their Windows counterparts. But there is one important qualification: The threats facing the macOS platform are not, for the most part, traditional forms of malware like Trojan horses and backdoors. Instead, Mac malware is largely made up of adware and Potentially Unwanted Programs (PUPs) — and these are often regarded as nuisances rather than true dangers.

But as the authors of the original report point out, adware and PUPs pose very real security and privacy risks to Mac users. In this article, we’ll take a closer look at these not-so-innocent programs — and tell you how you can stay safe.

How adware and PUPs get onto a Mac

Adware, as the name implies, is used to serve advertisements to the user of the computer on which it is installed. 

Adware typically makes its way onto a Mac somewhat sneakily. It is often bundled together with other applications — sometimes perfectly legitimate ones — that a person is trying to install. Trusting users click through the options presented by the software installer, and since the option to include the adware is often selected by default, the adware gets accepted onto the system during the installation process. 

Sometimes, adware is installed through even more deceptive means. For example, users may be directed to an illegitimate package tracking page, and prompted to download an associated tracking app. But the app doesn’t actually perform its advertised function: In reality, it’s nothing more than adware.

Potentially Unwanted Programs can contain adware as well, but PUPs may also include toolbars or some sort of “cleaner” or “system optimizer” functionality. Like adware, PUPs tend to appear on a Mac somewhat unexpectedly, usually after attempting to install another program.

What adware and PUPs do to a Mac

Once installed, adware and PUPs show up in a number of ways: as web browser extensions and search toolbars, as standalone desktop apps, as fake antivirus scanners, or as bogus performance optimization tools.

In the case of an adware infection, a user’s web searches may start returning advertisements placed by the malware’s authors, which are intended to generate affiliate revenue. Strange advertising pop-ups may also begin to appear, or web pages may suddenly be populated with illegitimate links leading to sites controlled by the adware’s authors. 

PUPs display many of these same behaviors, but they may also attempt to scare the user into believing that there is something wrong with their computer — telling them that they have a problem with their system that requires them to “clean” or “optimize” their Mac.

But while all of this is doubtless very annoying, is it actually unsafe? In a word, yes. 

How are adware and PUPs unsafe?

To begin with, the sites to which adware directs a user may themselves be malicious,  containing more dangerous forms of malware. Such sites may also be used to deliver scams or fraudulent offers.

In addition, some adware is able to collect location and web search data in order to show its victims relevant advertisements. But this data may also be exfiltrated — sent off of the host system to the malware’s authors — and then resold to third parties. This, of course, is a clear privacy threat.

PUPs that present themselves as optimization or system scanning software are often a form of fraud in and of themselves, because in most cases, the “premium” version that they attempt to sell to users delivers no real functionality or “solves” a non-existent problem. 

PUPs posing as antivirus tools create an additional danger: They make people think that they’re safe when they aren’t. This can lead to risky online behaviors that may bring users into contact with threats that their “software” can’t protect them from.

How to remove adware and PUPs from a Mac

In the case of browser extensions and toolbars, it is sometimes possible to remove these in the same way you would remove any unwanted browser extension: by using the controls in your browser app’s settings menu. 

However, more aggressive variants of adware and PUPs may not be so easy to get rid of. The good news is that these intrusive programs can be detected and removed by reliable third-party malware detection tools. If you have one of these installed on your system, run a full scan in order to remove the unwanted programs from your computer. 

How to avoid adware and PUPs

Of course, the best way to protect yourself from adware and PUPs is not to get infected in the first place! There are several basic steps you can take to keep safe:

  1. 1

    Install from the App Store

    As a general rule, you should only be installing apps that come from the Mac App Store. There is one major exception: You can download apps directly from the websites of reputable third-party developers that you know and trust. But if you’re just visiting an unrelated website casually, and you’re told that you “need” to download an app then and there in order to proceed, don’t do it!

  2. 2

    Beware of shady sites

    You’re far less likely to encounter malicious software — of all varieties — if you’re careful about which websites you visit. We won’t tell you where to go online, but just be aware that filesharing, piracy, and free software download websites are common sources of adware, PUPs, and other forms of malware. Exercise caution if you choose to visit these less than savory corners of the web!

  3. 3

    Update everything

    Sometimes malware infections can occur after simply visiting a malicious site. This is often the result of people using out-of-date software that doesn’t have the most recent security patches. So be sure to enable automatic updates for your OS, web browser software, and other apps on your system.

  4. 4

    Use malware detection

    Apple has been slow to bring the hammer down on adware and PUPs — perhaps because some of them occupy a gray area in which they are not overtly malicious or engaged in illegal activity. In addition, Apple’s native detection tools aren’t always able to spot some of these threats. Third-party cybersecurity companies tend to take a much harder line on adware and PUPs, and also have access to the most up-to-date malware definitions. Running a reputable, well-maintained malware detection tool is thus a good precaution to take.

It’s true that adware and PUPs are not the most hardcore varieties of malware out there, but they definitely carry security and privacy risks, and can open the door to more serious dangers. For this reason, they should be taken seriously by all Mac users — and scrupulously avoided! We hope this piece has given you the information you need to stay safe, but if you have a question related to adware, PUPs, or just a particular program that you’re not sure about, feel free to write to us at security@securemac.com.

Get the latest security news and deals