ActiveLink
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 2 |
| First Seen: | August 30, 2022 |
| Last Seen: | September 5, 2023 |
ActiveLink is an invasive application targeting Mac users. Like other dubious software tools of this type, ActiveLink also is likely to be spread via questionable methods. Two of the commonly used distribution tactics include software bundles, where the additional items selected for installation are hidden under different menus, such as 'Advanced' or 'Custom' and fake installers/updates. The reliance on such underhanded methods classifies these applications as PUPs (Potentially Unwanted Programs).
When infosec researchers analyzed ActiveLink, they also discovered that it is an application from the prolific AdLoad adware family. It is designed with the capability to deliver unwanted advertisements to the Mac devices it gets installed on. The problem with the advertisements generated by such unproven sources is that they are often used as a way to promote potentially unsafe destinations - fake giveaways, phishing schemes, tech support frauds, betting/gaming platforms, etc.
Many PUPs also display data-tracking capabilities. While present on the device, these applications may continuously spy on users' browsing activities, as well as harvest and exfiltrate numerous device details. In some cases, PUPs have even been observed attempting to access confidential details saved in browsers' autofill data. These may include users' account credentials, banking info, payment details and more.
