Fake Safari patch leads to MacKeeper and ZipCloud

There are several ways to infect systems and spread malicious files. one of the widely used method is the fake application update this because it is something that we do constantly and user trust the application vendor.  over this week Malwarebytes team alerting of a fake safari update that is targeting Mac users.

The fake update is hosted on  a compromised sports streaming website “First Row Sports”. when the victim try to display the video he is going to be redirected to a second page that claims to have the safari update. This will urge user to click on the button to download the patch.

Fake Safari update Sourced Malwarebytes

Fake Safari update Sourced Malwarebytes

Installing the package will execute the MacKeeper and ZipCloud. MacKeeper is an adware that will be used by cyber criminals to display advertising banners on  several browser such as Safari, Firefox and Chrome, This will help in monetizing the malicious activities by having pay-per-click revenue.

To protect your Mac system make sure that you download patches and update only from trusted sources such as App-store or from the site that you are sure to provide a safe software packages. This may help to reduce the risk of adware and will make you have the latest updates safely.