To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

MacOS environment: no actions for Adwares ?

Options
SecurMander
SecurMander W/ Member Posts: 15 Security Scout
edited January 2023 in Business Suite

Hi,

Have received some notifications from my PMS about some Adwares detected on MacOS environment with no action done.

This is the detail:

Security alert: Spyware detected. No action done.

Details: Spyware detected in /System/Volumes/Data/Users/XXXX/Library/Safari/Extensions/QuickBrowse.safariextz. Infection : Adware.ADWARE/OSX.Spigot.twnbe Action : none. File hash: 2eecd50383676738a4a5e171b042c7cc2fb25706 Accessor path: N/A Accessor hash: N/A Access operation: N/A

Have the same with Adware.ADWARE/OSX.WeDownload.woyy and Adware.ADWARE/OSX.adw.13727

In the PMSC - Settings - Realtime Scanning - all options are set to Custom: Quarantine Automatically. (Both settings, both servers and workstations)

Is there any other settings I have to set properly ?

Thanks for your help.

Best Answer

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 524 Moderator
    Solved
    Options

    Hi,

    I had to check this with our detection team.

    Based on the file path that you mentioned, this might be related to Safari browser infection. Unable to tell at he moment but it could have been an unsigned / untrusted extension.

    As the malicious part is in the browser extension, fully resetting the browser should do the job for most of the cases.

    It is a common issue that our product didn't get to remove as it is being used by the browser in the background.

Answers

  • SecurMander
    SecurMander W/ Member Posts: 15 Security Scout
    Options

    I did a mistake about the settings description: I was in the Windows Settings.

    In the Mac settings, there is no way to set any spyware action?

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 524 Moderator
    Options

    Hi

    Yes, that is correct. There is no way to set different spyware action in mac agent settings.

  • SecurMander
    SecurMander W/ Member Posts: 15 Security Scout
    Options

    Hi,

    Thanks your your reply.

    OK I got it that I cannot set different spyware action but I hope that clients are still protected ? If not action is done, what does that mean ? spywares are still there but blocked ? Ignored ?

This discussion has been closed.