MacOS environment: no actions for Adwares ?

SecurMander

Hi,

Have received some notifications from my PMS about some Adwares detected on MacOS environment with no action done.

This is the detail:

Security alert: Spyware detected. No action done.

Details: Spyware detected in /System/Volumes/Data/Users/XXXX/Library/Safari/Extensions/QuickBrowse.safariextz. Infection : Adware.ADWARE/OSX.Spigot.twnbe Action : none. File hash: 2eecd50383676738a4a5e171b042c7cc2fb25706 Accessor path: N/A Accessor hash: N/A Access operation: N/A

Have the same with Adware.ADWARE/OSX.WeDownload.woyy and Adware.ADWARE/OSX.adw.13727

In the PMSC - Settings - Realtime Scanning - all options are set to Custom: Quarantine Automatically. (Both settings, both servers and workstations)

Is there any other settings I have to set properly ?

Thanks for your help.

JamesC

Hi,

I had to check this with our detection team.

Based on the file path that you mentioned, this might be related to Safari browser infection. Unable to tell at he moment but it could have been an unsigned / untrusted extension.

As the malicious part is in the browser extension, fully resetting the browser should do the job for most of the cases.

It is a common issue that our product didn't get to remove as it is being used by the browser in the background.