Malware is being distributed in a wide variety of ways these days. Security researchers have managed to track down the distribution of Pirrit aware to an online marketing company based in Israel. As it turns out, a new version of the adware is in circulation right now. Albeit this adware is targeting Mac OS X users specifically, it is still a significant threat.
Also read: The Halving Month Is Here; What Will Happen to the Bitcoin Price?
People who have been following technology as of late may have come across the name Pirrit before. This particular type of adware targets Mac OS X users, and can cause some serious harm to infected devices. One security researcher from Cybereason wrote a script to automatically remove the adware from compromised machines. However, that script is no longer functioning, warranting further investigation into the matter.
Pirrit Adware Returns Thanks To TargetingEdge
Among the things Pirrit can do is obtain root access of the infected computer. Additionally, the adware will inject ads on the machine, but it can also hijack Internet traffic by using proxy servers. Interestingly enough, the most recent iteration of Pirrit is also actively removing competitive adware from the infected device.
Security researcher Amit Serper explained the discovery as follows:
“The variant’s creators made a crucial mistake that caused their entire operation to topple like a house of cards. The tar.gz archive format is a Posix format, which means that it also saves all of the file attributes (like owners and permissions) inside of the archive as they were on the computer that the archive was created on. So when I listed the files inside the archive, I could see the user name of the person who created the archive.”
Tracking down the distribution of Pirrit to an Israeli advertising firm is rather surprising. TargetingEdge, while still a stealth startup, offers a Mac-approved installer for its clients. The company also focuses on monetizing ad traffic. Interestingly enough, the email address on the company website does not exist, making it difficult to get a hold of the people in charge.
Selling ad space on people’s computers without consent is punishable by law. While using Pirrit may seem like a great way to sell ads for customers, it is doing far more harm than good. Moreover, it also makes TargetingEdge look like a very sketchy company.
What are your thoughts on this story and how the Israeli ad company is going about their business? Let us know in the comments below!
Source: Threatpost
Images courtesy of Shutterstock, Softpedia