MacSecurityPlus is advertising virus, that hits Mac systems. It aims Safari, Google Chrome or Mozilla Firefox browsers and wants to control these apps to display ads, pop-ups and get access to private user's data. MacSecurityPlus does not have any interface, but its activity can be spotted in Activity Monitor. It also generates fake system alerts and causes legal system messages to force users to grant access to browsers for MacSecurityPlus. As a result of virus activity, users may experience unstable browsers operation, modification of browser settings, such as default search engine and homepage, and annoying, unusual advertising. In addition to that, MacSecurityPlus access to browsing data (history, cookies, caches, bookmarks), opens gate to affected computer for advertisers of all kinds.
Search.yourmapsnow.com or Your Maps Now is misleading browser hijacker, that replaces default search engine and homepage in Safari, Google Chrome or Mozilla Firefox on Windows or Mac. Often, it is accompanied with browser extension or application called "Your Maps Now". This add-on sneaks in browsers and takes control over main browser settings. Of course, it installs without user permission using the deceptive tactic. After installation, user search queries are redirected to query.yourmapsnow.com and then to search.yahoo.com. This allows the hijacker to collect private browser data and share it with advertising companies. The homepage also changes to Search.yourmapsnow.com and, besides search, provides quick links to main map resources such as Google Maps and Bing Maps. Page looks similar to normal search engine page, and some users don't even see the difference until they start searching for something.
PDF Converter Hub (a.k.a. PDF Converter Hub New Tab, Search.hpdfconverterhub.com) is potentially unwanted browser extension for Google Chrome, Mozilla Firefox and Safari. Malware originates from Cyprus and was developed by Eightpoint Technologies Ltd. (some sources indicate SpringTech Ltd.) It modifies search and homepage settings in these browsers and controls them not allowing users to make changes. Hijacker sets search.hpdfconverterhub.com as default search engine, new tab and home page. However, search queries typed in the search box are redirected to search.yahoo.com, so there can be some kind of affiliation or partnership between large search provider and developer of the add-on. PDF Converter Hub also constantly offers users to subscribe to its notifications, which will lead to getting unwanted advertising as desktop notifications. Main page itself consists of toolbar, search box, informational links and shortcuts to popular shopping sites and social networks. PDF Converter Hub is promoted as convenient tool for converting various file formats to PDF and vice versa.
Push-time.com is unsafe website, that is used for social engineering attack in Google Chrome, Mozilla Firefox, Internet Explorer, Safari or Edge browsers on Windows, Mac or Android operating systems. Main goal of such shady websites is to subscribe users to browser notifications, using trickery and fraud. Notifications is a function in modern browsers, when news or subscription updates are delivered to the desktops even when the browser's window is closed. The idea behind this, is to inform users about hot news, social networks updates or new YouTube videos from subscriptions. However, cool feature was turned to their advantage by advertising networks. The Push-time.com is one of thousands domains, using similar technique to fool unsuspecting users.
MacAppExtensions (Adware.MAC.Linkury.C) is malware related to Search.tapufind.com hijacker, that we described in some of our earlier articles. It works in MacOS and targets Safari, Google Chrome and Mozilla Firefox browsers. The main symptom is, that your browsers search and homepage settings change to search.tapufind.com, and this setting cannot be modified until MacAppExtensions is removed. However, this virus not only hijacks the browser, but also gathers private information about its user (collects data related to browsing activity: geolocations, entered search queries, URLs of visited websites, IP addresses etc.).