Avoid downloading dubious apps from mobile-apple.club

What is mobile-apple[.]club?

mobile-apple[.]club is a scam website which operates by making deceptive claims that visitors' iPhones have been damaged. The site states that these issues must be resolved immediately to prevent further damage to the device. Sites of this kind promote untrustworthy and malicious content.

They endorse various Potentially Unwanted Applications (PUAs) and malicious software (e.g. trojans, ransomware and other malware). Few users enter mobile-apple[.]club intentionally - in most cases, they are redirected by intrusive ads or PUAs already present on the device.

While this scam targets iPhone users, redirects to mobile-apple[.]club can occur on other Apple products as well. The web page alerts visitors that their Apple iPhone is infected with 17 viruses, which it classifies as "browser trojan viruses". The source of these non-existent infections are apparently corrupted websites that the users have allegedly visited.

Users are urged to eliminate these threats, as they can proliferate and infect sensitive data. The viruses have supposedly already damaged the browser, with damage listed at 24.9%. If they are not eliminated, users risk having their Facebook accounts, Whatsapp messages, photos and other private applications being compromised.

The mobile-apple[.]club site provides step-by-step instructions about how to remove the fake viruses. It instructs people to install Secnet VPN from App Store and run it to activate the latest update (and/or remove older, possibly infected versions). Note that no web page can detect threats/issues present on a device.

Additionally, products promoted by deceptive web pages are often nonoperational, untrustworthy and even malicious. Clicking the "Remove Virus" button will lead to download of dubious and/or harmful content. You are strongly advised against downloading/installing and/or purchasing software endorsed by mobile-apple[.]club or other suspicious websites.

Force-opening deceptive/scam, rogue, compromised and malicious sites is just one capability of PUAs. Adware-type unwanted apps can deliver intrusive advertisements (pop-ups, banners, coupons, etc.), which diminish the browsing experience. These generate redirects to dangerous web pages and some can stealthily download/install unwanted content.

Browser hijackers are rogue applications that modify browsers and limit/deny access to their settings. Fake cleaning/optimization software/tools require activation to perform their advertised functions (i.e., they need to be purchased to work), however, following activation, they usually remain nonoperational.

Most PUAs, regardless of type, can track data. They monitor users' browsing habits (URLs visited, search queries typed, etc.) and gather personal information (IP addresses, geolocation and personal details). This vulnerable data can then be shared with third parties, seeking to misuse it for profit.

This unwanted software is used to generated revenue for the developers and is useless for regular users - it can also be very dangerous. PUAs can cause browser and system infiltration/infections, lead to serious privacy issues, financial loss and even identity theft. Therefore, you are advised to remove all suspect applications without delay.

Threat Summary:

Name	mobile-apple.club pop-up
Threat Type	Phishing, Scam, Mac malware, Mac virus.
Fake Claim	Site claims visitors' iPhones are infected.
Detection Names	Avira (no cloud) (Phishing), Full List (VirusTotal)
Serving IP Address	104.24.123.245
Symptoms	Your Mac becomes slower than normal, you see unwanted pop-up ads, you are redirected to dubious websites.
Distribution methods	Deceptive pop-up ads, free software installers (bundling), fake Flash Player installers, torrent file downloads.
Damage	Internet browser tracking (potential privacy issues), display of unwanted ads, redirects to dubious websites, loss of private information.
Malware Removal (Mac)	To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner for Mac To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Scams like mobile-apple[.]club use scare-tactics and social engineering to achieve the desired effect. "Your Apple iPhone Is Severely Damaged by (6) Viruses!", voresko.club, and vpnshieldplus2.com are some examples of websites practically identical to mobile-apple[.]club.

There are various scam models: as well as claiming that visitors' devices are infected, they can allege that a piece of crucial software is outdated, "incredible" prizes have been awarded to users, and so on.

The purpose is to urge visitors to download/install and purchase dubious, hazardous content, make expensive calls to fake support lines, reveal personal information, make monetary transactions, and take many other actions. To summarize, deceptive sites simply create profit for their designers.

How did potentially unwanted applications install on my computer?

PUAs do not require express user permission to infiltrate devices. They proliferate through the download/install set-ups of other software. The deceptive marketing method of pre-packing normal products with unwanted or malicious content is termed "bundling".

Rushing download/installation processes (e.g. ignoring terms, using pre-set options, etc.) increases the risk of unintentionally allowing bundled applications onto devices.

Some PUAs have "official" download web pages, which in turn are usually promoted by untrustworthy, deceptive/scam sites and in other dubious ways. Intrusive advertisements also proliferate these apps. When clicked, they can execute scripts to stealthily download/install PUAs.

How to avoid installation of potentially unwanted applications

Content should be researched before being downloaded/installed. You are advised to use only official and verified download channels. Avoid untrustworthy download sources such as P2P sharing networks (BitTorrent, eMule, Gnutella, etc.) free file-hosting sites and other third party downloaders, as they are more likely to offer deceptive and/or bundled programs.

Download/installation processes should be approached with caution. Read the terms, study all possible options, use the "Custom/Advanced" settings and opt-out of supplementary apps, tools, features and so on.

Intrusive ads typically seem legitimate and harmless, however, they can cause redirects to highly dubious web pages (e.g. gambling, adult-dating, pornography, etc.).

If you experience ads/redirects of this type, inspect the device and remove all suspicious applications and/or browser extensions/plug-ins immediately. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate them.

Text presented on mobile-apple[.]club web page:

App Store

WARNING!
Your Apple iPhone is severely damaged by 17 viruses!

We have detected that your Browser is (24.9%) DAMAGED by BROWSER TROJAN VIRUSES picked up while surfing recent corrupted sites.

Immediate action is required to prevent it from spreading and infecting sensitive data like your Facebook account, Whatsapp messages photos and private applications.

Here is how you can solve this in just a few seconds (Step by Step)

Step 1: Tap REMOVE VIRUS to install Secnet VPN from the App Store.

Step 2: Open the application to activate the latest update and remove any older (Infected) versions.

Remove Virus.

To enable pop-up blocking, fraudulent website warnings, and remove web browsing data on mobile Apple devices, follow these steps:

First, go to "Settings", and then scroll down to find and tap "Safari".

Check if the "Block Pop-ups" and "Fraudulent Website Warning" toggles are enabled. If not, enable them immediately. Then, scroll down and tap "Advanced".

Tap "Website Data" and then "Remove All Website Data".

Instant automatic Mac malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner for Mac By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is "mobile-apple[.]club"?
• STEP 1. Remove PUA related files and folders from OSX.
• STEP 2. Remove rogue extensions from Safari.
• STEP 3. Remove rogue add-ons from Google Chrome.
• STEP 4. Remove potentially unwanted plug-ins from Mozilla Firefox.

Video showing how to remove adware and browser hijackers from a Mac computer:

Potentially unwanted applications removal:

Remove potentially unwanted applications from your "Applications" folder:

Click the Finder icon. In the Finder window, select "Applications". In the applications folder, look for "MPlayerX","NicePlayer", or other suspicious applications and drag them to the Trash. After removing the potentially unwanted application(s) that cause online ads, scan your Mac for any remaining unwanted components.

Remove adware-related files and folders

Click the Finder icon, from the menu bar. Choose Go, and click Go to Folder...

Check for adware generated files in the /Library/LaunchAgents/ folder:

In the Go to Folder... bar, type: /Library/LaunchAgents/

In the "LaunchAgents" folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - "installmac.AppRemoval.plist", "myppes.download.plist", "mykotlerino.ltvbit.plist", "kuklorest.update.plist", etc. Adware commonly installs several files with the exact same string.

Check for adware generated files in the ~/Library/Application Support/ folder:

In the Go to Folder... bar, type: ~/Library/Application Support/

In the "Application Support" folder, look for any recently-added suspicious folders. For example, "MplayerX" or "NicePlayer", and move these folders to the Trash.

Check for adware generated files in the ~/Library/LaunchAgents/ folder:

In the Go to Folder... bar, type: ~/Library/LaunchAgents/

In the "LaunchAgents" folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - "installmac.AppRemoval.plist", "myppes.download.plist", "mykotlerino.ltvbit.plist", "kuklorest.update.plist", etc. Adware commonly installs several files with the exact same string.

Check for adware generated files in the /Library/LaunchDaemons/ folder:

In the "Go to Folder..." bar, type: /Library/LaunchDaemons/

In the "LaunchDaemons" folder, look for recently-added suspicious files. For example "com.aoudad.net-preferences.plist", "com.myppes.net-preferences.plist", "com.kuklorest.net-preferences.plist", "com.avickUpd.plist", etc., and move them to the Trash.

Scan your Mac with Combo Cleaner:

If you have followed all the steps correctly, your Mac should be clean of infections. To ensure your system is not infected, run a scan with Combo Cleaner Antivirus. Download it HERE. After downloading the file, double click combocleaner.dmg installer. In the opened window, drag and drop the Combo Cleaner icon on top of the Applications icon. Now open your launchpad and click on the Combo Cleaner icon. Wait until Combo Cleaner updates its virus definition database and click the "Start Combo Scan" button.

Combo Cleaner will scan your Mac for malware infections. If the antivirus scan displays "no threats found" - this means that you can continue with the removal guide; otherwise, it's recommended to remove any found infections before continuing.

After removing files and folders generated by the adware, continue to remove rogue extensions from your Internet browsers.

Remove malicious extensions from Internet browsers

Remove malicious Safari extensions:

Open the Safari browser, from the menu bar, select "Safari" and click "Preferences...".

In the preferences window, select "Extensions" and look for any recently-installed suspicious extensions. When located, click the "Uninstall" button next to it/them. Note that you can safely uninstall all extensions from your Safari browser - none are crucial for regular browser operation.

• If you continue to have problems with browser redirects and unwanted advertisements - Reset Safari.

Remove malicious extensions from Google Chrome:

Click the Chrome menu icon (at the top right corner of Google Chrome), select "More Tools" and click "Extensions". Locate all recently-installed suspicious extensions, select these entries and click "Remove".

• If you continue to have problems with browser redirects and unwanted advertisements - Reset Google Chrome.

Remove malicious extensions from Mozilla Firefox:

Click the Firefox menu (at the top right corner of the main window) and select "Add-ons and themes". Click "Extensions", in the opened window locate all recently-installed suspicious extensions, click on the three dots and then click "Remove".

• If you continue to have problems with browser redirects and unwanted advertisements - Reset Mozilla Firefox.

▼ Show Discussion