OSX.Genio.A Adware Trojan

Several customers have reported seeing fake Flash Player alerts, triggered via JavaScript, on websites they’ve visited.

Clicking on the links in the alert can download a Mac installer based on the Genieo adware software.

Genieo is an adware company that makes money through sponsored ‘adverts’; it installs software that customises your Internet browser page to display products that it believes you’ll find interesting. The installer adds a Java application that runs on every restart, silently intercepts and redirects web searches made via popular search engines such as Google and Yahoo, and gathers and reports analytics from your computer.

While Genieo has generally been an opt-in application, this latest ‘trojan’ pretends to be something else so that the unwitting user installs the software. A look in the application’s plist file, which contains a partner ID, would suggest that it has been created by one of Genieo’s partners who, one would assume, is being rewarded for promoting Genieo in this way.

Because of the surreptitious way in which this version of the software can arrive on your computer, it has been deemed to be a Trojan by several antivirus companies.

ProtectMac AntiVirus will detect the dmg file and the installed application as OSX.Genio.A.