Mac users have yet another dubious application to keep an eye out for. Named AccessibleTask, this application can act both as a browser hijacker and adware. Users are extremely unlikely to install AccessibleTask willingly and the creators of the app are fully aware of this fact. That is why it is being spread through underhanded tactics, such as being injected into fake Adobe Flash Player updates. Infosec researchers classify all programs that rely on deceptive and manipulative methods for their distribution as PUPs (Potentially Unwanted Programs).
While AccessibleTask is present on the Mac, users will be subjected to an intrusive advertising campaign. The annoying advertisements could diminish the browsing experience on the device severely. In fact, the banners, pop-ups, coupons, etc., generated by the application could begin to cover any legitimate content viewed by the user. Not to mention that interacting with the displayed ads could expose users to additional security risks in the form of phishing pages or domains promoting more PUPs.
As for the browser hijacker part of the application - it is tasked with promoting a sponsored address, usually a fake search engine, by taking control over certain browser settings. Users might be quite surprised to find that their normal homepage, new tab page, and default search engine have all been modified to open an unfamiliar address. Fake search engines are classified as such, due to their inability to produce any meaningful results. Instead, they either redirect towards a legitimate engine such as Yahoo, Bing, and Chrome or cause a redirect chain that moves through several dubious engines before arriving at a legitimate one.
With PUPs installed on their Mac devices, users risk having their browsing habits spied on. Nearly all PUPs possess a certain degree of data-harvesting capabilities. In most cases, they are satisfied with accessing the browsing history, search history, and several device details such as the IP address and geolocation. Some PUPs, however, also try to obtain sensitive information that has been saved to the Web browser, including payment details and debit/credit card numbers.