Adware

Pirrit is a sophisticated adware family that primarily targets macOS systems. It was first discovered in 2016 and has been actively distributed since then. Adware refers to unwanted applications that generate revenue for their creators by displaying intrusive and often deceptive advertisements. Pirrit is more malicious than its Windows counterpart as it takes total control of the machine, making it very hard for the user to remove it. Once installed, Pirrit adware displays intrusive ads such as coupons, banners, surveys, and pop-ups, often concealing the underlying content of visited websites. It also collects user data to display targeted ads and can redirect users to malicious websites, potentially leading to further malware infections. Pirrit adware significantly affects the performance of the infected Mac, making it slower and less responsive. It also poses a risk to user privacy and security as it can gather sensitive data and expose it to potential exfiltration. Moreover, Pirrit adware is extremely hard for the average user to remove. It does not have a configuration screen or an entry in the /Applications directory, making it difficult for users to even realize that their system is infected.

Earthheartsmith.top is a deceptive website that exploits browser push notifications to bombard users with intrusive spam advertisements. It is categorized as a potentially unwanted program (PUP) and browser hijacker. The site tricks visitors into enabling push notifications using fake system warnings and alerts. For instance, it may display a fake notification claiming your browser is “out of date” and you need to “allow notifications” to update it. However, enabling notifications does nothing to update your browser. Instead, it grants Earthheartsmith.top permission to send push notification spam directly to your desktop or mobile device. Once enabled, Earthheartsmith.top will constantly bombard your device with inappropriate pop-up ads, even when your browser is closed. The spam push notifications promote things like adult and dating content, freemium games and apps, software update scams, weight loss or brain enhancement supplements, and other dubious products and services. By tricking users into granting push notification approval, Earthheartsmith.top completely bypasses browser pop-up blockers and directly inundates devices on a system-wide scale. Earthheartsmith.top can affect a wide range of browsers and devices. It can send push notifications to both desktop and mobile devices. It can affect popular browsers like Google Chrome, Mozilla Firefox, and Safari.

Online Radio adware is a type of malicious software that displays intrusive advertisements to users while they are browsing the internet or using certain applications. This adware is often associated with free, ad-supported software or services, particularly those that allow users to listen to online radio stations. The impact of Online Radio Adware on users' systems and online experiences can be significant. It can inundate web browsers with intrusive ads, hamper system performance, and compromise online privacy through user behavior tracking. The ads can lead users to potentially harmful websites that may extract sensitive information, promote rogue applications, and more. Furthermore, some adware may also function as spyware, secretly collecting information about the user and reporting such data back to a cybercriminal. This can lead to serious privacy issues and potential identity theft. Online Radio Adware primarily targets browsers with large user bases such as Google Chrome, Mozilla Firefox, and Internet Explorer. Once installed, the adware can read and modify all data on any website, display advertisements in places they shouldn’t be, and redirect users to potentially harmful websites.

Medicmediai.com is a malicious website that exploits the browser notification system to deliver spam pop-up ads to users' devices. It tricks users into subscribing to its push notifications, which then allows it to send unwanted advertisements even when the browser is closed. These ads often promote adult sites, online games, fake software updates, and unwanted programs. Once a user is tricked into allowing notifications from Medicmediai.com, the site abuses this permission to send spam notifications directly to the user's device. These notifications can promote harmful or unwanted software and may deceive users into downloading or installing it. To stop these notifications, users must revoke the permission granted to Medicmediai.com within their browser settings. Medicmediai.com targets all major browsers, including Google Chrome, Mozilla Firefox, Microsoft Edge, and Safari. It can affect both Windows and Mac operating systems, as well as Android devices. The infection can persist across different browsers and devices if the user has granted notification permissions or if there is an underlying adware infection.

CommonValue is a type of adware that specifically targets Mac systems. It is part of the AdLoad family, known for displaying unwanted ads and collecting user data. This adware is not classified as a computer virus, but it is categorized as a potentially unwanted application (PUA) due to its intrusive behavior. Once installed, CommonValue operates by presenting users with irritating advertisements and may collect diverse information, posing a substantial privacy risk. It alters the settings of popular browsers such as Mozilla Firefox, Google Chrome, Internet Explorer, and Safari, amplifying the volume of displayed ads. This can lead to a discernible deterioration in Mac performance and speed, while also exposing users to potentially harmful web pages controlled by cybercriminals. The ads displayed by CommonValue often contain malicious links and can lead to the download and installation of other malware such as EditExecute, InteractiveUnited, and SonicsSeek. Furthermore, the extension is designed to harvest personal information, including account and credit card details.

Livesport.ws is a website that provides free online broadcasts of various sports events, including statistics, recaps, and video reviews. However, it's important to note that this sports streaming service is considered illegal due to its use of rogue advertising networks. Livesport.ws exploits browser notifications by displaying various ads and links that, if clicked, open dubious, potentially malicious web pages. These ads can be designed to run scripts that cause the download and installation of potentially unwanted applications (PUAs). In some cases, users looking to watch a stream are tricked into allowing notifications. This can lead to a situation where users are spammed with junk notifications. Even if users shut down their computers, the changes will remain, leading to persistent unwanted notifications. Livesport.ws can infect a wide range of browsers and devices. The website's ads and redirects can affect any web browser that a user might use to access the site, including popular browsers like Google Chrome, Mozilla Firefox, and Microsoft Edge.

Cumbha.app is a potentially unwanted application (PUA) that is also known as Pirrit Adware. It is classified as adware due to its primary function of displaying ads and creating annoying pop-ups. The application uses technical tricks to stay hidden and avoid detection, making it challenging for users to understand its actions. Cumbha.app is not technically a computer virus, but it can still pose risks due to its adware characteristics, potential unwanted program activities, and backdoor capabilities. It is also known to have data-tracking functionalities, which can collect targeted data such as browsing and search engine histories, Internet cookies, usernames/passwords, personally identifiable details, finance-related information, etc. This vulnerable data can then be shared with and/or sold to third parties, potentially cybercriminals. If Cumbha.app has infected a Mac system, it is crucial to act fast and remove it. Users should delete all associated files thoroughly. Using a trusted anti-malware program is highly recommended for a complete and effective cleanup of the infected system.

Opmetapodor.com is a deceptive website that is classified as a potentially unwanted program (PUP) and browser hijacker. It uses social engineering tactics to trick users into enabling push notifications under the guise of fake system or browser errors. These notifications are not benign; once allowed, they enable Opmetapodor.com to send spam directly to the user's desktop or device, leading to a bombardment of inappropriate pop-up ads, even when the browser is closed. Opmetapodor.com exploits browser notifications by tricking visitors into enabling them using fake prompts. These prompts may falsely claim that the user's browser is out of date or that they need to allow notifications to fix a problem, watch a video, or confirm they are not a robot. However, these notifications are a ruse to send spam and potentially harmful content directly to users, bypassing browser pop-up blockers Opmetapodor.com targets commonly used browsers such as Google Chrome, Mozilla Firefox, and Internet Explorer. It affects devices running various operating systems, including Windows, macOS, and Android. The intrusive ads and notifications can appear on desktops as well as mobile devices, disrupting the user experience across platforms.