Connect with us

How-To

How to remove the Bing search redirect from your Mac

If your Safari browser on a Mac computer is getting redirected to Bing, it is a strong sign of malware infection that requires immediate fixing.

13 inch macbook pro keyboard 2020
Image: KnowTechie

Although Mac systems are relatively secure and viruses have almost no chances to penetrate it, some malware authors still can find workarounds and bypass admin permissions to modify default settings in web browsers. That is what the Bing redirect Mac virus does to Apple systems these days.

Bing virus redirects web searches to legitimate bing.com. Every time users are trying to look up a phrase in Yahoo or Google search engines; a cunning code changes the page to Bing search results. Users are unable to set the desired browser configuration using common means. It does not help if users set the preferred search provider as each time the web browser is relaunched, custom settings are gone, and Bing redirects return.

The explanation to the problem is quite simple – redirect virus does not go away and continues to work in the background. It will alter custom settings no matter how often you change it. To get rid of the problem, it is necessary to find the culprit and remove it from the Mac completely. Malware authors behind the Bing redirect virus are motivated by traffic monetization. They partner with advertisers and benefit from unique clicks and page hits.

Bing redirect virus distribution methods

Getting infected with this malware is the result of victims’ uninformed decision to install it themselves. The malicious application often penetrates Mac devices together with legit software. This method involves bundles – installing several software products under the guise of one.

There are many cases of Bing infection among users who installed the MS Office. Fake Adobe Flash Player update is another distribution vector. In some cases, the malware in question penetrated Macs together with rogue antiviruses or system optimizers akin Mac Cleanup Pro. It also often happens that users get infected when they install free browser enhancement utilities like icon design tools.

Infection symptoms

Browser redirects is the most vivid effect of the attack, but it is not the only thing. Fake ad injection on websites is another symptom. In addition, the Bing redirect virus collects user browsing history, GEO location, system information, and other personal data.

Scareware methods may also characterize the Bing redirect virus activity. Fake ads pressure users to buy malware removal license. Users are shown malware scan results that include numerous security issues. In addition to viruses allegedly found on Mac computers, users may see notifications about their devices running low on memory. Again, the main reason for all these activities is to make victims pay up.

Virus persistence

Browser updates do not help in getting rid of the Bing redirect virus. Manual browser or system reconfiguration efforts work only until the next reboot. The tricky device configuration profile is the primary persistence factor in the case of Bing redirect. It is a popular method used by Mac malware to prevent easy removal.

How to get rid of Bing redirect virus on Mac

Detailed instructions below walk through the removal process. Please make sure to follow all the steps in the specified order.

1) Click the Go in Mac’s Finder and go to Utilities.

2) Find the Activity Monitor and double-click it.

3) Inside the Activity Monitor, try to find suspicious processes. Focus on unfamiliar entries that are resource-intensive. Please note the name may not relate to the way malware manifests itself. So, judge yourself here. In case you find the malefactor, click on it, and select the Stop function in the left-hand corner.

4) Once a dialog appears that asks if you are sure about quitting this process, click Force Quit.

5) Select the Go icon in the Finder again, but now click on Go to Folder...

6) In the folder search dialog, enter /Library/LaunchAgents and click Go.

7) In the LaunchAgents folder look for suspicious items. Again, files created by Bing search redirect may not look malicious. It is advised to examine all recently added entities. Once you find files that are too suspicious drag them to the Trash.

Below are examples of rogue LaunchAgents related to Bing redirect.

8) Click on Go to Folder again and type ~/Library/Application Support. Please do also enter the tilde symbol in the beginning.

9) In the Application Support section, find all recent folders and move them to the Trash. Remove files that have nothing to do with apps you know.

10) In the Go to Folder area, type ~/Library/LaunchAgents string. And again, do not forget about the tilde symbol.

11) The OS will now show all LaunchAgents residing in the Home directory. Here, you should also try to find suspicious files related to the Bing search malware. Once found, move dodgy items to the Trash.

12) Now, it is time to go to /Library/LaunchDaemons.

13) The LaunchDaemons section may also store files that malware uses. Here are examples of items used by Mac malware: com.startup.plistcom.pplauncher.plist. Move suspicious files to Trash.

14) Click the Go icon and select Applications.

15) Enter the Admin password. Identify apps that you did not install deliberately and put them to the Trash.

16) Go to the Apple menu and click System Preferences

17) Go to Users & Groups and select Login Items.

All start-up items are displayed in this list. Try to find unwanted apps and press the minus (“-”) button.

18) Now, it is time to go to Profiles found under System Preferences. The left-hand sidebar includes all current config profiles. Most often, you have only one. Remove additional malicious profiles created by the malware. Chrome Settings are AdminPrefs are examples of malicious configuration profiles. Click the rogue item and select the minus (“-”) button.

Remove Bing search redirect virus from web browsers

Once the Mac system is penetrated by malware, the malefactor also infects all browsers even though you remove the virus and its components from the system. To get rid of Bing ads and redirects, all the browsers should be restored to their defaults.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in How-To