Webroot did not catch the following threat, APPSOM1.com, which was a pop-up that held Safari hostage. It was asking to Upgrade Video Player with no option to cancel. According to a few blogs, this is Malware.
By exiting Safari and reopening a few times after Shutting down and rebooting computer, I was able to Quick Flick the red dot / cancel button before it greyed out and finally got Safari back.
Questions:
A) Why didn't Webroot catch this threat?
B) Can my Mac still be infected even though I did not click the GO/OK button in the Pop Up?
C) How can I protect against such a threat in the future?
Thanks.
Hello amomusic53,
Welcome to the Community Forum,
Sorry to hear you had this issue.
Would you please issue a Support Ticket so they can look into this for you. It's free of charge with an active subscription.
Maybe@ can answer your questions since he's our Mac Threat Researcher and he'll be in Tuesday. But go ahead and issue that ticket ok?
Kind Regards
Hi arnomusic53
Welcome to the Community Forums.
If I may add to what Sherry has already advised...from my research it would seem that this is not in fact malware but rather a javascripted adware that affects your web browser, and only temporarily. It looks very much like what we call in the Community, a PUA or Potentially Unwanted Application.
As you have seen these are very annoying at best in that they cause pop-ups, redirect your browser home page, and other behaviour that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools. But they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
The key to avoiding them is to make sure that when downloading apps one does so from the author's own website or one that they have recommended, and not a 3rd party downloading site.
WSA does detect and remove many PUAs, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see this link for more information regarding Webroot's stance on these annoying programs.
In terms of your questions, my suggestion is that you go with what Sherry has suggested and let the Support Team take a look at your system once they respond to the Support Ticket being raised, and that way you can be sure that there is nothing further to compromise your system.
Regards, Baldrick
Hello arnomusic53,
Baldrick was correct, this is caused from a java exploit and can be fixed easily. If you are still having the issue please send me a private message and I can instruct you on what to do next.
Thanks,