OperativeToolView

Cybersecurity researchers have caught another dubious application that is targeting Mac users. Named OperativeToolView, this application is capable of functioning both as adware and a browser hijacker. Users should keep in mind that most programs of this type are not distributed through the normal channels. Instead, they employ various questionable techniques that are all designed to hide the installation of the intruder application from the attention of the users. For example, OperativeToolView has been observed hiding inside fake Adobe Flash Player installers/updates. The reliance on such deceptive methods classifies OperativeToolView as a PUP (Potentially Unwanted Program).

Typically, adware delivers intrusive advertising materials by placing them inside any visited website. Users also can experience a massive increase in the encountered pop-ups during their browsing. The advertisements should be approached with caution, as clicking on them could trigger redirects to suspicious third-party websites.

At the same time, OperativeToolView will attempt to take control over the user's Web browser. More specifically, the PUP will try to generate artificial traffic towards a promoted address by setting the page as the new homepage, new tap page, and the default search engine. In the vast majority of cases, these browser hijacker applications are used to promote fake search engines. Fake engines cannot generate results on their own. They either redirect to a legitimate one (Yahoo, Bing, Google) or lead to a dubious engine that delivers untrustworthy results filled with sponsored ad links. 

PUPs have another nasty characteristic that should be taken into account. While they are present on the Mac, these applications could be spying on the user's browsing activities. Information such as the entire browsing history, clicked URLs, initiated searches alongside various device details (IP address, geolocation, ISP, and more) could be transmitted to a remote server continuously.