Crossrider

Malware Profile Updated a month ago
Download STIX
Preview STIX
Crossrider is a type of malware, specifically an adware variant, that targets and exploits computer systems to cause harm. It infiltrates systems through dubious downloads, emails, or websites, often without the user's knowledge. Once inside, Crossrider can disrupt operations, steal personal information, or even lock data for ransom. This malicious software has been particularly problematic for Mac users, with a new variant emerging that infects these systems in a unique way. The new variant of Crossrider appears benign on the surface but installs a configuration profile that forces both Safari and Chrome browsers to always open to a page on chumsearch[dot]com. This means that every time a user opens their browser, they are directed to this specific website, which is associated with the Crossrider malware. This variant has also locked Safari's homepage setting to a Crossrider-related domain, preventing users from changing it. Fortunately, security software like Malwarebytes Premium can detect and block common infostealers, including Crossrider and others such as AMOS, Genieo, and Vsearch. These tools provide essential protection against these intrusive and harmful threats, ensuring that Mac users can safely navigate the internet without fear of unknowingly downloading malicious software.
What's your take? (Question 1 of 0)
3cf2e050-cfc3-42b8-946f-72ee88656161 Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Safari
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Crossrider Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
New Crossrider variant installs configuration profiles on Macs | Malwarebytes Labs
CERT-EU
10 months ago
All the Mac malware we know about
Malwarebytes
3 months ago
No “Apple magic” as 11% of macOS detections last year came from malware | Malwarebytes