Intego researchers recently discovered that software download site Softonic was delivering adware embedded in installer packages for the extraction utility UnRarX and the VLC media player. Intego identifies the threat as OSX/Okaz.A.
During installation, the packages also offered to install a toolbar related to the ChatZum app. Regardless of whether the user accepted the installation of the toolbar or not, the package would install an Internet plug-in called Zako, and would change the browser's default search option to ChatZum.
"It is important to note that valid UnRarX and VLC packages do not try to surreptitiously install adware," writes Intego's Lysa Myers. "The fake package is signed with a certificate that does not pertain to either software company."
The Safe Mac's Thomas Reed reports that a Softonic representative told him the issue occurred because "we were testing an installer for Mac on selected software and thanks to your post and other users information, we have immediately stopped the distribution of this installer until our provider corrects the error."https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
"This indicates, to me, that Softonic does not see a problem with adding their own adware to freeware programs," Reed writes.