We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Search results for: softonic

Continue to boycott Softonic

Posted on December 6th, 2013 at 6:55 AM EST

Softonic has been a problem before, as outlined in a previous article, Boycott Softonic. In a nutshell, Softonic was wrapping some software downloaded from their site in an adware installer, which installed the ChatZum adware. Worse, the adware was installed regardless of whether you declined this “optional” software. Although Softonic quickly removed these installers when caught, they obviously did not learn the error of their ways. Adware-riddled installers are back!
Read the rest of this entry »


Boycott Softonic

Posted on April 16th, 2013 at 9:53 PM EDT

Just a few hours ago, I wrote about a VLC installer on Softonic that was installing adware. (Adware that was not authorized to be included with VLC, according to a post by Jean-Baptiste Kempf of VLC.) It has just come to my attention that the same thing is happening with UnRarX, and on downloading that software from Softonic, I verified that the installer behaves in the same way. It looks like Softonic is wrapping free software in a custom installer that installs adware, obviously to generate revenue for Softonic. I’m sure that the list of software being abused in this way will continue to grow over the next few days. This is despicable behavior, and I would ask everyone to boycott Softonic until they change their behavior.
Read the rest of this entry »


ChatZum adware added to VLC on Softonic

Posted on April 16th, 2013 at 4:44 PM EDT

It was brought to my attention today by an astute reader that there is a copy of VLC, currently being hosted on Softonic, which has had adware added to it. Of course, I had to investigate, and what I found is very concerning. That report turns out to be completely true, and worse, the adware installs components on your system even when you opt out of installing it!
Read the rest of this entry »


Is downloading from the developer’s site safe?

Posted on June 29th, 2015 at 9:16 AM EDT

You should only download software directly from the site of the developer who created the software. This has been a bit of standard advice given by security people like myself when trying to help people understand what to download and what not to download. It’s good advice, right? Well… mostly, but not entirely, unfortunately.
Read the rest of this entry »


Genieo adware proliferating

Posted on June 7th, 2015 at 9:00 AM EDT

In recent months, several new variants of the Genieo adware have crossed my path. This adware is still pulling many of the same tricks – changing the search engine to Bing, and installing all kinds of junk that runs in the background and modifies browser behavior. However, it’s now using a variety of different names, perhaps in an attempt to make detection more difficult.
Read the rest of this entry »


Time to boycott SourceForge?

Posted on May 30th, 2015 at 9:35 AM EDT

On Wednesday, ArsTechnica reported that the Windows version of the open-source GIMP image editing app hosted on SourceForge has been “seized” by SourceForge and used for distributing adware. This is a troubling development, but not exactly surprising for those who have been following the antics of SourceForge lately. Is it time to boycott SourceForge, as is already recommended for sites like and Softonic?
Read the rest of this entry »


InstallCore adware proliferates

Posted on April 8th, 2015 at 11:42 AM EDT

InstallCore is adware that began with a couple simple browser extensions. (One of these took the same name as a Spigot extension, “Searchme”, leaving questions about whether InstallCore might be related to Spigot in some way or whether this is purely coincidence.) Recently, however, new variants of InstallCore have been appearing like poop on a lawn full of geese. And some of the strategies it’s using stink just as badly!
Read the rest of this entry »


The unchecked growth of Mac adware

Posted on August 18th, 2014 at 2:40 PM EDT

Adware was unheard of on the Mac just a couple years ago. The first Mac adware appeared in 2012, and it was the only one to appear that year. Since then, adware has seen an exponential rise that promises to bring the Mac down to the same state as Windows, where adware infections are very common. Most people just want to know how to get rid of adware, but the questions we need to be asking are what is causing this sudden growth, and why is it being allowed to grow unchecked?
Read the rest of this entry »


Time to re-evaluate safety of Mac OS X

Posted on March 5th, 2014 at 11:07 AM EST

My Mac Malware Guide has, for some time, made the claim that a properly up-to-date Mac OS X system cannot be infected by any known malware. This was true at one point, with some provisos, when that text was originally written. However, recent cases of malware that has failed to be blocked by the XProtect anti-malware system in Mac OS X prompted me to do a re-evaluation of this statement. What I found was profoundly disappointing, leaving me wishing that I could take those words back.
Read the rest of this entry »


InstallMac uninstaller antics

Posted on February 16th, 2014 at 10:01 PM EST

InstallMac is adware that I have written about before, as it is currently being added to some downloads available on Softonic. (Without the permission of the developers of the apps in question, I should note.) This adware, as well as the Genieo adware that powers it, has been known for some time to have a non-functional uninstaller. Although the uninstaller does appear to remove the software, it leaves behind some of the hidden components. It turns out, though, that the uninstaller’s behavior is worse than previously known!
Read the rest of this entry »