spi-hijack-google

Search Page Injection (SPI) malware on Mac OS

Background One customer shared a “sketch crack” dmg package with us and complained that Google search page began to return weird results after installing this package. So, our research team decided to install this fake sketch dmg on our sandbox environment. The outcome was very Interesting. We found out that the search on google was indeed hijacked. Below is the google search result for the…

searchpage on macOS : dissecting a recently rampant adware

Searchpage has been targeting Windows machines for a while but it is rampant to macOS recently. Average users wouldn’t even know how the adware was installed because it is bundled with other free software that downloaded off of the Internet. Searchpage won’t pop-up tons of ads but users could find these changes with the web browsers : Default homepage become SearchPage.com, example as https://www.searchpage.com?uid=aa9e8d0a041f9724bdfdddb66ca14321&aid=3079&ts=1205887148&v=o0.2. Search engine become…