Gosearch22 Malware hits M1 laptops – Digitalmunition

Malware 1

Published on February 17th, 2021 📆 | 2475 Views ⚑


Gosearch22 Malware hits M1 laptops

It’s not uncommon for operating systems to be plagued by malware from time to time. The malware is pretty common on Intel processors used by MacBooks. after the abrupt change to their proprietary silicon, the Apple M1, which is based on the ARM architecture, a few malware have found their way into the M1 ecosystem. An application named Gosearch22 is the culprit that has seeped into a few laptops with M1 processors, the data of which remains unconfirmed at this point. It is an extension of the notorious Pirrit adware that has a long history with MacBooks.


Like the Pirrit adware, Gosearch22 is also adware that bombards your screen with ludicrous and irrelevant advertisements, which can be NSFW too. Having this kind of malware active inside your laptop brings all kinds of shame and trouble, anywhere you open your laptop. Gosearch22 presents itself as a browser extension for Safari browser on the macOS. It is not the only way of installing the adware on the M1 as it could be bundled alongside the application and can be hidden beneath offers you see while installing many applications.

What does Gosearch22 do?

Gosearch22 is an adware, which means its primary function is to present users with meaningless advertisements, offers, coupon codes, etc. But wait! Aren’t offers and coupons a great way to save money? Sadly not in this case. The advertisements that you see within adware are mostly dubious and bogus with no relation to the actual products showcased in them. Gosearch22 lures you using advertisement and directs you to webpages designed to execute phishing scams.

Apart from that, adware tries to collect as much browsing data as it can. Advertisements will only appear slightly relevant when you combine them with the user’s preferences that are reflected in the search history. Confidential details like IP addresses, addresses of visited web pages, entered search queries, geolocations, and other browsing-related information is extracted by Gosearch22, once it is installed on your system.

Adware Applications like Gosearch22 cannot hide for long inside your system as you will eventually notice the increase in the number of advertisements on a single webpage. However, a normal, non-tech savvy user might not be able to notice that the system is compromised with malware.


Gosearch22 bypassed the gatekeeper feature on the macOS by using a developer’s ID to sign it as a non-harmful application. An application signed by the Apple developer ID is rarely flagged as malware by the macOS. The root cause of this is the new M1 processors that lack software comparability at present. It appears that malware builders are again one step ahead of the developers in creating compatible malware for the M1 laptops. It’s nothing to fret about as not all users will be affected by Gosearch22, and even if you have, please uninstall the troublemaker. I’m sure security firms will soon catch up to the malware and help detect them before they create a ruckus inside your M1 laptop. First ShareIt and then the M1, it sure is a busy week for the security developers.

Tagged with:

Leave a Reply