AMCleaner, also known as Advanced Mac Cleaner, is a PUP (Potentially Unwanted Program) that is being spread through a dedicated misleading page. The campaign is targeted towards Mac users mainly, as the bait Web page is designed to appear as an official Apple site. The fraudsters redirect unsuspecting users towards their website by taking advantage of common typo mistakes the users can make when inputting popular website names in a tactic known as typo-squatting. This method has been used on Windows systems since the early 2000s. The page for AMCleaner will then present its visitors with various fake claims about unspecified malware threats being detected on the device. Even a fake scan window displaying various threats being found will be displayed to further scare users into downloading the application.
Once installed on the system, AMCleaner will proceed to scan three specific locations on the Mac - Library/Logs, Library/Cache, and Library/.Trash. By relying on the same fearmongering tactics, the application will generate fake notifications or overblown system issues dramatically, creating a rather apocalyptic picture. Its goal is to convince users into paying for the full version of the program that will supposedly be able to deal with the non-existent issues. Instead of paying the fraudsters, users can perform some of the suggested actions just by using the native Mac features, such as addressing the Trash Manager issues by emptying the Trash themselves.
Keep in mind that AMCleaner may be difficult to remove without using a professional anti-malware solution, due to the application's capability of establishing a persistence mechanism. AMCleaner also will inject itself into the LaunchAgents of the system to ensure that it will be executed on every system boot.