FlexibleOrigin

FlexibleOrigin is yet another PUP that is being observed to target Mac users. This dubious application possesses the capabilities of both adware and a browser hijacker so its presence will be felt immediately upon its delivery on the system. PUPs are especially tricky applications and users should be extra careful when installing programs to catch the intruder program. After all, these dubious applications are not distributed through the normal channels used by legitimate software products. No, they rely on underhanded marketing tactics, such as bundling or fake software installers/updaters. FlexibleOrigin, for example, has been caught hiding inside fake Adobe Flash Player updates.

Once fully established on the Mac, the application will start to generate monetary gains for its operators. It does so in two different ways - through an intrusive advertising campaign and by promoting a fake search engine. The adware functionality is responsible for generating questionable advertising materials - pop-ups, banners, surveys, in-text links, etc. Users who engage with the shown advertisements risk triggering a forced redirect and thus being taken to various third-party websites that might include phishing pages, online tactics, fake giveaways, domains spreading PUPs, and other similarly untrustworthy pages. 

The browser hijacker part of FlexibleOrigin will not stay dormant while all this is happening. No, it will establish control over the victim's Web browser. More specifically, it will assign the homepage, new page tab, and the default search engine to now open a promoted address, which almost always belongs to a fake search engine. Fake engines cannot generate any results on their own. They either redirect the user's search queries to a legitimate engine such as Yahoo, Bing, or Google or lead to a dubious engine that shows low-quality results filled with sponsored ad links. 

If these red flags have not convinced you that keeping a PUP present on your Mac system may not be a good idea, then there is one more thing to consider - PUPs are notoriously known for spying on the user's browsing activities. Information including all visited sites, conducted searches, IP address, geolocation, ISP, and more could be accessed by the application, packed, and then transmitted to a remote server.