MacSecurityPlus is advertising virus, that hits Mac systems. It aims Safari, Google Chrome or Mozilla Firefox browsers and wants to control these apps to display ads, pop-ups and get access to private user's data. MacSecurityPlus does not have any interface, but its activity can be spotted in Activity Monitor. It also generates fake system alerts and causes legal system messages to force users to grant access to browsers for MacSecurityPlus. As a result of virus activity, users may experience unstable browsers operation, modification of browser settings, such as default search engine and homepage, and annoying, unusual advertising. In addition to that, MacSecurityPlus access to browsing data (history, cookies, caches, bookmarks), opens gate to affected computer for advertisers of all kinds.
Push-time.com is unsafe website, that is used for social engineering attack in Google Chrome, Mozilla Firefox, Internet Explorer, Safari or Edge browsers on Windows, Mac or Android operating systems. Main goal of such shady websites is to subscribe users to browser notifications, using trickery and fraud. Notifications is a function in modern browsers, when news or subscription updates are delivered to the desktops even when the browser's window is closed. The idea behind this, is to inform users about hot news, social networks updates or new YouTube videos from subscriptions. However, cool feature was turned to their advantage by advertising networks. The Push-time.com is one of thousands domains, using similar technique to fool unsuspecting users.
MacAppExtensions (Adware.MAC.Linkury.C) is malware related to Search.tapufind.com hijacker, that we described in some of our earlier articles. It works in MacOS and targets Safari, Google Chrome and Mozilla Firefox browsers. The main symptom is, that your browsers search and homepage settings change to search.tapufind.com, and this setting cannot be modified until MacAppExtensions is removed. However, this virus not only hijacks the browser, but also gathers private information about its user (collects data related to browsing activity: geolocations, entered search queries, URLs of visited websites, IP addresses etc.).
Robotcaptcha.info is adverse domain, that may show unwanted pop-ups and ads in Google Chrome, Mozilla Firefox, Internet Explorer Safari or Edge browsers on Windows, Mac or Android operating systems. Landing pages from Robotcaptcha.info appear from nowhere and offer users to subscribe to notifications. This is feature in modern browsers, that help users get actual news in faster and convenient way. However, on the other side of this, when website is of advertising nature, users start receiving ads, pop-ups, tech support scam messages on their desktops. This is an element of social engineering, and clicking "Allow" button, actually, subscribes users to notifications. At the same time, Robotcaptcha.info initiates standard dialog box window with option to allow or block notifications from site you are visiting. If person clicks on the "Allow" button, users will start receiving unwanted pop-up ads from Robotcaptcha.info directly on the desktop even when browser is closed.
Geofright.com (5.geofright.com, 23.geofright.com) is malicious website, that hosts phishing and fraudulent pages and subdomains, that trick users into subscribing to unwanted notifications in Google Chrome, Mozilla Firefox, Safari, Edge, Internet Explorer browsers, running on Windows, Mac or Android. Users land on websites like Geofright.com after multiple misleading redirects after visiting questionable online resources. After this users start getting ads, pop-ups, tech support scam messages on their desktops. This tutorial describes ways to remove Geofright.com and stop ads, pop-ups and notifications from such sites.