Skip to main content

How to remove malware from Safari browser

This guide includes comprehensive information on malicious code targeting Safari and provides effective techniques to remove malware from Safari browser.

The design, user-friendliness, speed, energy efficiency and other pros of the Safari browser are out of the question. Apple devices go equipped with this remarkable Internet navigation tool by default, and the overwhelming majority of Mac and iOS users stay dedicated to it as their primary web surfing software. According to a report by the StatCounter firm, this browser’s overall market share as of January 2017 amounted to 14.54%. People in the cybercrime underground, obviously, stay on top of these statistics as well. These sleazeballs know what’s popular and focus on firing their attacks against digital environments used by many. Furthermore, it turns out that installing toxic apps on Safari without admin’s consent isn’t nearly as tough an objective as compromising other components of Mac OS X architecture. With all the pros of Safari in place, it is currently the weakest link in the overall protection setup of the average Mac.

Phony FBI alert in Safari

It wouldn’t be correct to classify the malware targeting Safari as a top-notch cyber adversary. Most of the time, these are low-impact hijackers that replace the homepage, new tab and search preferences with certain predefined values. Some of these infections engage in phishing and suchlike types of social engineering, so they are manipulative and annoying rather than dangerous. An example is the nefarious FBI virus that impersonates the apropos law enforcement agency and persistently makes victims end up on a deceptive warning page (see screen capture above). These rogue sites are nothing but bluff, stating that the user has violated the Copyright and Related Rights Law or committed some other computer-related felony. The goal of this hoax is to make victims pay a fee for their purported wrongdoings. Obviously, the correct way to go about this type of attack is to get rid of the Safari browser hijacker, which isn’t difficult to do at all.

Tech support scam popup in Safari

Some types of Safari hijackers reach the brainwashing effect in a somewhat different way. They cause recurrent redirecting of web traffic to misleading sites that report critical system errors or spyware. Popups triggered on such pages may instruct victims to call “tech support” for assistance, with the telephone number being indicated there. If an unsuspecting user actually dials the number, an impostor on the other end will do their best to make the victim pay for the spoof troubleshooting services.Whereas the modus operandi of these perpetrating programs may vary, the common denominator is a piece of malware that attacks the browser and wreaks havoc with it.

Safari adware injecting noxious deals into a web page

Adware is another widespread sub-type of Safari threats. These are intrusive plugins that display redundant ads on web pages visited by a victim. Essentially, adware generates an inconspicuous virtual layer over the original content of a site. This layer may contain arbitrary elements, and it’s up to the attackers what those elements will be. The infected user will encounter a slew of deals, coupons, freebies, comparison shopping boxes and banners wherever they go on the Internet. Search engine results will typically also contain ads that shouldn’t be there. To top it off, adware can trigger interstitial advertisements assuming the shape of separate browser windows. In-text ads pose one more side effect of the activity of these PUPs (potentially unwanted programs).

To handle the aftermath of any malware attack on Safari, removing the troublemaking app, plugin or script is a must. The ad injection instances described above are isolated to a specific machine and have nothing to do with visited websites, so the issues won’t vanish until virus cleanup is performed on the Mac. The same applies to browser hijackers. The sections below cover the entirety of tips to get rid of Safari malware for good.

Remove malware from Safari manually

The starting point for eliminating malicious activity in Safari is to uninstall the offending extension or plugin. This route, however, only works for low-impact browser malware that’s displayed on the list of add-ons and isn’t too persistent to be trashed in the regular way. Anyway, try the steps below first.

1. Uninstall malicious extension in Safari

• Go to Safari menu and select Preferences on the drop-down list

Go to Safari Preferences

• Click on the Extensions tab on Safari Preferences screen. Scroll down the installed extensions list in the left-hand section of the interface. Select the one that’s causing trouble and hit the Uninstall button as shown below

Uninstall malicious extension in Safari

• While on the same screen, select the General tab. Choose your preferred search provider and define the right Safari homepage

Configure default search engine and homepage in Safari

• Save the changes and restart Safari. Check whether the issue has been fixed. If so, you’re now good to go. If the problem perseveres, proceed to the next step to handle the malware in a more thoroughgoing way

2. Reset Safari

• Open the browser and go to Safari menu. Select Reset Safari in the drop-down list

• Make sure all the boxes are ticked on the interface and hit Reset

Resrt Safari


Get rid of malware from Safari using Combo Cleaner automatic removal tool

The Mac maintenance and security app called Combo Cleaner is a one-stop tool to detect and remove malware virus. This technique has substantial benefits over manual cleanup, because the utility gets hourly virus definition updates and can accurately spot even the newest Mac infections.

Furthermore, the automatic solution will find the core files of the malware deep down the system structure, which might otherwise be a challenge to locate. Here’s a walkthrough to sort out the malware issue using Combo Cleaner:

  1. Download Combo Cleaner installer. When done, double-click the combocleaner.dmg file and follow the prompts to install the tool onto your Mac.

    Download Combo Cleaner

    By downloading any applications recommended on this website you agree to our Terms and Conditions and Privacy Policy. The free scanner checks whether your Mac is infected. To get rid of malware, you need to purchase the Premium version of Combo Cleaner.

  2. Open the app from your Launchpad and let it run an update of the malware signature database to make sure it can identify the latest threats.
  3. Click the Start Combo Scan button to check your Mac for malicious activity as well as performance issues.

    Combo Cleaner Mac scan progress

  4. Examine the scan results. If the report says “No Threats”, then you are on the right track with the manual cleaning and can safely proceed to tidy up the web browser that may continue to act up due to the after-effects of the malware attack (see instructions above).

    Combo Cleaner scan report – no threats found

  5. In case Combo Cleaner has detected malicious code, click the Remove Selected Items button and have the utility remove malware threat along with any other viruses, PUPs (potentially unwanted programs), or junk files that don’t belong on your Mac.

    Combo Cleaner – threats found

  6. Once you have made doubly sure that the malicious app is uninstalled, the browser-level troubleshooting might still be on your to-do list. If your preferred browser is affected, resort to the previous section of this tutorial to revert to hassle-free web surfing.

Was this article helpful? Please, rate this.

There are no comments yet.
Authentication required

You must log in to post a comment.

Log in