ScalableRemote

ScalableRemote is a rogue application that preys on Mac users. For its distribution, it relies on deceptive and manipulative marketing tactics such as bundling - hiding its installation inside the installation menu of another more widespread application. This justifies the classification of ScalableRemote as a PUP (Potentially Unwanted Program). As for its actual functionality, it combines aspects of a browser hijackers with those observed in adware applications.

When installed, ScalableRemote will start displayed numerous unsolicited advertisements to the user. These may take the form of banners, surveys, pop-up windows and can even be injected as hyperlinks into the text of visited websites. The overlays generated by ScalableRemote could become intrusive enough to cover the content viewed by the user. Clicking on the advertisements could lead to dubious offers for additional PUPs or rogue applications and could even lead to an unsafe or outright compromised website.

While present, ScalableRemote also will establish control over the user's browser. The homepage, new page tab, and the default search engine settings will be set to open a promoted link. As a result, whenever the user simply opens the browser, a new tab, or conducts a search, it will drive artificial traffic towards the sponsored address. In nearly all cases, the promoted links are for fake search engines that cannot produce any search result on their own as they lack the capability. Instead, they take every search query and redirect it through a legitimate search engine such as search.yahoo.com. Users should keep in mind that unrelated sponsored links could be injected into the list of displayed results.

Furthermore, applications such as ScalableRemote are known for possessing a range of data harvesting abilities. The information typically obtained by them include the user's browser and search history, visited URLs, geolocation, IP address and ISP (Internet Service Provider). Some applications, however, are far more threatening as they also try to access sensitive details from banking transactions that have been saved in the affected browser.