Bing redirect virus schemes keep Mac users on their toes

Rerouted to Bing on your Mac? Look for malicious code causing this

If you ask your average layman what software they find irreplaceable, the web browser is undoubtedly going to be the most frequent answer. That’s because the user experience is half-baked without the captivating online world. It comes as no surprise that any predicament where a browser doesn’t work as intended is immensely unsettling.

For instance, imagine your Internet preferences being taken over and substituted with incorrect set-ups out of the blue. Seems like a snafu, doesn’t it? This is precisely what happens when the Bing redirect virus crops up inside your Mac.

Here’s how this quandary manifests itself: whenever you enter keywords in a search engine of choice, be it Google or Yahoo for example, the results are returned via instead. The same goes for situations when you type your search in the address bar.

Blaming this mess on Microsoft’s search engine is a misreading. The only role it plays in this conspiracy is to smokescreen a rabbit hole of the threat actors’ malvertising maneuvers. Prior to hitting, your traffic follows a complex route that spans in-between domains whose operators pay the malware authors for user leads. That said, the resulting page is nothing but a red herring and at the same time the most conspicuous signal of the fraud.

There are several more personas of this infection that are less prominent than the landing site but bridge the gap between browser hijacking and the crooks’ money-making schemes. These are supplementary pages (,,, or that show up in the browser’s status area for mere milliseconds in the course of every redirect. It’s these URLs that intertwine the hoax with advertising networks’ APIs so that the malefactors rake in their dirty profits. and URLs constituting the Bing redirect scheme

As far as the fix goes, the key thing to understand is that the Bing redirect problem is precipitated by a piece of malicious code. It’s a dodgy app focused on giving Safari, Google Chrome, and Mozilla Firefox preferences an overhaul without your permission. Although this potentially unwanted application (PUA) slithers into a Mac quietly, it still hinges on user interaction of some kind to get onboard.

The attack is predominantly a matter of a software wrapping technique. It works by duping a user into installing something dangerous alongside something harmless. The pitfall is that the fact of sketchy co-promotion is omitted in the default setup screen, and therefore the infiltration takes you by surprise.

Evil configuration profile

Because the Bing redirect is a malware-borne type of thing, it won’t sort itself out unless you uninstall the malicious app from your Mac and revert to your normal web browsing customizations. You’ll hit a roadblock when doing this: the infection uses the command line to install an intrusive configuration profile that manages the Internet settings and prevents you from putting the correct ones into effect.

So heading to System Preferences > Profiles and deleting everything you don’t recognize is half the battle. Then, you can get down to commonplace app removal without being impeded by the tricky code. Finally, you’ll need to put the finishing touches to the cleanup process by re-specifying your search engine defaults.

%d bloggers like this: