JoisApp

Potentially Unwanted Programs (PUPs) are software applications that often sneak into devices alongside desired software or through deceptive advertising networks, potentially causing harm or undesirable effects on the system. They may include adware, browser hijackers and other types of software that users may not intend to install.

During an investigation of a Torrenting site known for utilizing rogue advertising networks, cybersecurity researchers encountered a redirection to a deceptive page promoting an installer containing the JoisApp PUP.

PUPs like JoisApp often come with undesirable and potentially harmful functionalities, and they commonly infiltrate devices through software bundling or deceptive advertising. These programs can negatively impact user experience and compromise device security and privacy if installed.

JoisApp Could Perform Various Intrusive Actions Once Installed

PUPs often come with a range of harmful functionalities, including data-tracking capabilities aimed at collecting sensitive data such as search engine and browsing histories, cookies, login credentials, financial data and more. This data is often exploited for profit through sale to third parties or other abusive practices.

Among the harmful capabilities of PUPs, adware and browser hijacking are particularly prevalent. Adware inundates users with various types of advertisements, including pop-ups, overlays, banners, and surveys, sometimes leading to stealthy downloads or installations upon interaction. Additionally, adware can generate rogue redirects, directing users to deceptive content.

Browser hijackers alter browser settings like the homepage, default search engine, and new tab/window settings to promote fake search engines. Users may find themselves redirected to these fake search engines whenever they attempt to search or open a new browser tab/window.

Most fraudulent search engines lack genuine search functionality, often redirecting users to legitimate search engines like Google or Bing. However, the few that do provide search results often return irrelevant or sponsored content, which can be unreliable, misleading, or even unsafe.

PUPs Seek to Get Installed Stealthily on Users' Devices

PUPs employ various shady distribution tactics to stealthily install themselves on users' devices, often without their explicit consent. These tactics aim to trick users into inadvertently installing unwanted software. Here's how PUPs seek to get installed stealthily:

• Software Bundling: PUPs often piggyback on legitimate software downloads, hiding within the installation process as optional extras. Users may overlook or fail to notice these bundled offers, inadvertently installing PUPs and the desired software.
• Deceptive Advertising: PUPs may be promoted through deceptive advertising, such as misleading pop-ups claiming system updates, free software, or prizes. Clicking on these advertisements may lead users to download and install PUPs without realizing it.
• Fake Download Buttons: On websites hosting pirated content or free downloads, PUPs may disguise their download links as genuine buttons. Users may unintentionally click on these counterfeit buttons, thinking they are downloading the desired content, only to end up installing PUPs instead.
• Social Engineering: PUPs often use social engineering tactics to trick users into installing them. This may include fake alerts warning of non-existent threats on the system or enticing offers promising free utilities or services.
• Misleading Installation Prompts: PUPs may present installation prompts that are programmed to confuse or mislead users. For example, they may use misleading language or deceptive checkboxes that, when clicked, actually agree to install additional unwanted software.
• Malvertising: PUPs may be distributed through rogue advertisements (malvertising) displayed on dedicated websites. Clicking on these advertisements can redirect users to websites that automatically download and install PUPs onto their devices.
• Browser Extensions and Add-ons: PUPs can be disguised as seemingly helpful browser extensions or add-ons. Users may install these extensions thinking they enhance their browsing experience, only to discover later that they exhibit unwanted behaviors.

These tactics are often designed to exploit users' trust, lack of awareness, or desire for free or desirable content, leading to the stealthy installation of PUPs on their devices.