Signed application installed malware
| Originator: | ehlojames | ||
| Number: | rdar://27013246 | Date Originated: | 25-Jun-2016 |
| Status: | Open | Resolved: | |
| Product: | OS X | Product Version: | |
| Classification: | Malware | Reproducible: | Yes |
Summary: Tuneup installs malware on OS X even if the bundled offer is declined. Steps to Reproduce: Visit http://www.tuneupmedia.com/ Download latest version http://www.tuneupmedia.com/redirect/mac-download Mount and install Accept or decline the offer and the installer will start installing malware Expected Results: Install Tuneup application only without unsolicited malware Actual Results: The installer starts automatically opening browser windows and setting panes making unknown changes to the system On my machine Safari and Chrome it changed at least the default start page and installed a malware extension The extension in question was called "Internet Assistant 81" In the end I had to reset Safari and Chrome to reverse any other unseen changes that could have compromised the security of my system Version: 10.11.5
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!