Searchlee is another browser hijacker that redirects infected users to searchlee.com website. This annoying malware affects Safari, Mozilla Firefox and Google Chrome browsers.
Infiltration method
This malware uses the well-known vectors of attack. The adware dropper is planted in the Mac system when the user installs a phony application. This method is known as “bundling” – a legit software can install a harmful app without user’s consent. For example, there is a plethora of malevolent schemes, distributed by pop-ups, that urge the users to install/update Flash Player in order to get a faster browsing experience. Or, user can download a supposedly useful app from a specially crafted page, and during its install, Searchlee attacks the browsers.
Searchlee visual signs
Once the hijacker invades the system, it spreads its malicious files on auto-start locations as LaunchAgents in order to insure its persistence. It also uses the Terminal command-line tool to make a configuration profile. The mentioned profile ensures the persistence of the malware across the system and all browsers. It changes the homepage, search engine, and new tab defaults to searchlee.com so that the user keeps visiting the site during his Internet sessions.
When victim performs an online search, Searchlee returns specially crafted results that aim to take the user to malwertized pages. Sometimes, the resulting site is Yahoo Hosted Search or search.safefinder.com. In all cases, the criminals behind the hijacker hit numerous ad networks in order to boost their earnings.
The annoying redirects are not the only harm that Searchlee does to the infected Mac. The malware also collects user’s data in the background. This can include user identifiable information as system details and hardware information, browsing history, bookmarks and even stored usernames and passwords.
Removal process
Unfortunately, Searchlee malware is very hard to eradicate. It consists of a plethora of files, profile and services that must be totally removed in order to clean the system. To keep safe from viruses like this, never install software from untrusted sites, do not click on pop-ups, and do not install software updates suggested in a browser window.
If you want to remove Searchlee redirect, you may try some of the automated malware removers available.
