OffersPrimary
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 20 % (Normal) |
Infected Computers: | 11 |
First Seen: | September 2, 2021 |
Last Seen: | November 10, 2022 |
The number of dubious and intrusive applications that are targeting Mac users continues to grow, demonstrating the enduring attention that certain circles of unscrupulous people are paying to the Apple ecosystem. One such application that has caught the attention of infosec researchers is OffersPrimary. It combines the capabilities of adware and a browser hijacker to maximize the monetary gains it can generate through its presence on the Mac. Other similar PUPs (Potentially Unwanted Programs) include EasyMacSoft, MainOperations and PureAdvantage.
The intrusive ad campaign run by OffersPrimary will see the user's Mac device flooded by unwanted and potentially risky advertisements. The advertisements may appear as pop-ups, banners, in-text links, and could be injected into unrelated third-party websites in an attempt to make them seem more legitimate. Furthermore, the advertisements could be promoting more useless PUPs, threatening websites or phishing pages.
The presence of OffersPrimary on the Mac also will affect the installed Web browsers. As a typical browser hijacker, the application is targeting the browser's homepage, new tab page, and default search engine mainly. All three settings may now be switched to open a promoted Web address. In the vast majority of cases, the new address will belong to a fake search engine that is completely incapable of delivering any results through its own functionality. When users initiate a search query they could instead be shown results from a legitimate engine or a dubious one. In the latter case, the displayed results may include sponsored advertisements or promotion links to untrustworthy websites.
PUPs also are infamous for spying on the browsing activities carried on the system. Users could have their browsing history, search history, and clicked URLs collected, stored, and then transmitted to a remote server under the control of the PUP's operators. The harvested information also may include numerous device details, as well as sensitive banking and payment info extracted from the user's Web browser.