Skip to main content
Published Oct 19, 2021 | Updated Nov 15, 2021

Adware:MacOS/Adload.A

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

Microsoft Defender Antivirus or Microsoft Defender for Endpoint on Mac detects and removes this threat.

Adload is a malicious adware and a potentially unwanted application (PUA) that targets Mac devices. It is known to impersonate legitimate apps, such as video players or support agents, and is most likely downloaded through malicious links on third-party websites. Adload is also dropped as an additional payload by the UpdateAgent trojan variants.

Microsoft Defender Antivirus or Microsoft Defender for Endpoint on Mac automatically removes threats as they are detected. If you have cloud-delivered protection, your device gets the latest defenses against new and unknown threats. If you don't have this feature enabled, update your antimalware definitions and run a full scan to remove this threat.

If the Adload adware has been launched, it is likely that the device is under complete attacker control. To help reduce the impact of this threat, you can:

  • Inspect the downloaded file and the process responsible for modifying the file quarantine attribute.
  • Stop suspicious processes, isolate the affected device, rest the password, block IP addresses and URLs, and install security updates.
  • Investigate the device timeline for indications of reconnaissance and data exfiltration.
  • Contact your incident response team to start the incident response process. If you don't have one, contact Microsoft support for potential forensic analysis and remediation.

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

Follow us