CompactFilter

CompactFilter aims to install itself onto users' Mac computers sneakily and then monetize its presence there via numerous intrusive activities. There are countless such applications in the wild and they are all spread via questionable methods. After all, it is extremely unlikely that users will download and install such a program willingly. That is why these PUPs (Potentially Unwanted Programs) are oftentimes packaged alongside another more desirable product in a scheme known as bundling.

However, once deployed on the Mac, CompactFilter drops the pretenses of any subtlety and activates its adware and browser hijacker functionalities. The application will run an intrusive ad campaign that may severely impact the user experience on the device. The advertisements could be presented as pop-ups, banners, in-text links, etc. Users should approach all advertisements delivered by such shady sources with caution. Clicking on any of them could trigger a redirect to a shady or even unsafe website.

CompactFilter also will impact the installed Web browsers. As most browser hijackers, it also may modify the browser's homepage, new tab page and default search engine. Afterward, whenever the user launches the browser, opens a new tab, or initiates a search via the URL bar, it would result in traffic towards the sponsored page. Keep in mind that browser hijackers are mostly involved in the promotion of useless fake search engines. Fake engines lack the necessary functionality to generate results. They would take the user's search queries and either redirect them to a legitimate engine or start a redirect chain. In the latter case, the search may pass through several dubious engines before users are presented with low-quality results filled with sponsored advertisements.

PUPs also are notorious for spying on users' browsing activities. Various information may be obtained both from the impacted browsers, as well as the device itself. The data could then be packaged and exfiltrated to a remote server where the operators of the specific PUP can exploit it in a variety of ways.