macOS Spigot adware

Wednesday November 15, 2017

I was a little bit paranoid yesterday (14 Nov 2017) following the discussion on Twitter regarding the need for antivirus software on Windows 10, given that Windows Defender seems potent enough to ward off (potential) infections. A friend pointed out that the Windows 10 Fall Creators Update (FCU) 2017 has a beautifully revamped Windows Defender and I cannot wait to see it soon. I mean, I could turn on the FCU now, I guess.

The discussion then took another direction into the need for an antivirus on macOS. I did not consider that not having an antivirus on macOS would be an issue, but it turned out I was quite wrong there. Another friend of mine pointed out that his macOS device was infected with malicious JavaScript code that was installed on his device to perform cryptocurrency mining whenever the browser was active, which could easily jack up the CPU usage.

Knowing this made me feel a little bit concerned.

So I installed Avast on macOS, and not long after the installation finished, it detected an adware called Spigot. Apparently, Avast found more threats (cousins of Spigot, apparently) when I ran a system-wide scan.

[Image: Spigot Adware] Bro, I found something here.

It seems that Spigot had been collecting information about my buying habits. There is some speculation about where it could have come from; chief among the candidates are shopping-related browser extensions and visits to websites that could have been compromised.

Things like this could happen to everyone. When visiting relatively unknown websites, maybe it could be a good idea to use the private browsing mode. Everything loaded by the server in the private browsing mode is sandboxed and discarded when the browsing session ends.

[Image: Malwarebytes installation screen on macOS] Very reassuring. Thanks.

There is something that does not sit well with me about Avast. It does not give you the option to disable it at boot, on either the Windows or the macOS version. This is a little bit annoying for me. Besides, the primary download location is CNET, over HTTP, without SSL encryption. Should I trust a provider that does not enforce SSL? Probably not.

For now, Malwarebytes is the preferred choice, although it acts differently from typical antivirus software.