Home / malwarePDF  


First posted on 31 May 2020.
Source: SecurityHome

Aliases :

There are no other names known for OSX.Genieo.

Explanation :

Genieo is a browser hijacker that substitutes its own home page and search engine for those the user chose and uses the new options to deliver unwanted ads and additional PUPs. A hazard to Mac users for nearly a decade, OSX.Genieo is considered the parent of similar malware, including Only Search, MacShop Ads, and MacVX.

OSX.Genieo uses a variety of different techniques to make itself difficult to find and very difficult to fully remove from a system. The obfuscation techniques include polymorphic code obfuscation and purported uninstaller packages that actually install additional unwanted software.

While most instances of OSX.Genieo simply hijack a victim's browser, there have been scattered reports of more significant damage to a system, including computers rendered unbeatable when specific Genieo components were removed, passwords and user names encrypted and locked, and sensitive information exfiltrated from infected systems.

Last update 31 May 2020