AskToolbar

Type:
Adware

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

AskToolbar is adware, though it is sometimes classified as a Potentially Unwanted Program as well. AskToolbar is typically bundled with other software as an add-on during the installation process (this is very common, for example, during the installation of Oracle’s Java). The installer program for the primary application gives users the option to add the Ask toolbar and make Ask their primary search engine. This option is often pre-selected by default. AskToolbar is then installed as a browser extension on the user’s system, and …

Bundlore

also known as Buca

Type:
Adware

Platform:
Mac OS X

Last updated:
07/02/20 1:49 am

Threat Level:
High

Description

Bundlore is adware. It “bundles” malicious or intrusive applications together with a legitimate program that the user is attempting to install. During the installation process, the user is prompted to install these malicious add-ons alongside the application that they actually want. The option to accept the unwanted applications often comes selected by default in the installer interface.

If the user installs the bundled malware along with the principal application, they may face such nuisances as pop-ups, advertisements, and unwanted toolbars added to …

ChatZum

Type:
Adware

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

ChatZum is adware. It most often makes its way onto a Mac during the installation of another, legitimate program such as VLC or UnRarX. Although these applications in themselves are not malicious, and are not affiliated with the malware’s authors, the installer packages that bundle them together with the ChatZum adware are. Users are given the option to opt out of installing ChatZum by the installer program; however, ChatZum components are nevertheless installed on their computers even if they opt out.

Once installed on a …

ClickAgent

also known as OSX/ClickAgent.FLA

Type:
Adware

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

ClickAgent is adware. It masquerades as a Flash Player installer and may be found on various websites, especially filesharing and adult websites.

When ClickAgent was discovered in August 2013, it had been signed with an actual Apple Developer ID. If a user installs it, it will be added as an extension to their web browser — Safari, Chrome, or Firefox — and begin injecting ads into any website that the user visits. Some of these ads may be inappropriate or pornographic in …

Conduit

Type:
Adware

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

Conduit is adware. Conduit was a platform that could be used to create custom toolbars — meant to be installed as browser extensions — that were ostensibly aimed helping web publishers market to their audiences more effectively. However, Conduit had a number of behaviors that are classified as malicious: It would make unauthorized changes to a user’s web browser, including changes to the home page, new tab page, and search engine.

Conduit’s illegitimate search engine, search.conduit.com, posed a clear privacy threat, since it collected highly …

Shlayer

Type:
Adware

Platform:
Mac OS X

Last updated:
07/02/20 1:52 am

Threat Level:
High

Description

Shlayer is adware. First discovered in 2018, Shlayer has quickly become one of the most prolific families of macOS malware; some researchers estimate that the Shlayer malware family as a whole infects as many as 1 in 10 Macs worldwide.

Shlayer makes its way onto Macs via Trojanized updates and app installer files. In at least one instance, a version of Shlayer disguised an Adobe Flash update actually made it through Apple’s App Notarization process, meaning that it was not detected as malware by Gatekeeper. …